Is it safe to rename .deb file named by the standards?

Over the years, I’ve accumulated a large number of .deb packages with non-standard names, and I don’t remember running into any problems. “Famous” packages with non-standard names that people might come across nowadays include google-chrome-stable_current_amd64.deb and steam.deb. (In both cases, the fixed, versionless name ensures that a stable URL can be used for downloads, and a stable name for installation instructions.)

However I don’t remember running across any with spaces in their names; that shouldn’t cause issues with tools either, but it might cause confusion for your users (since they’ll need to quote the filename or escape the spaces if they’re using shell-based tools).

Another point to note is that using a non-standard name which isn’t the same as your package name (as stored in the control file) could also cause confusion, e.g. when attempting to remove the package (since the package name won’t be the same as the name used to install it).

As a result of all this, if you don’t want to stick to the canonical name I would recommend something like my-program.deb or my-program_amd64.deb (depending on whether you want to support multiple architectures). You can make that a symlink to the versioned filename too if you want to allow older versions to be downloaded.


The file names are standardized mainly for the benefit of the archive maintenance software and the local cache.

In the old days, before the m68k architecture was added to Debian, file names used "package_version.deb", with no issues. The architecture name was added to the file name when the archive software needed to store i386 and m68k packages of the same package and version in the same directory. As the package list has always contained both long and 8.3 file names, that could be implemented without breaking clients.

Dpkg does not generally care about the file names of packages at all. During installation runs, APT generates a directory with all package files for this installation run, and each file will have the number in the current run prepended to the file name (i.e. if you install package foo version 1, and package bar version 2, which foo depends on, apt will pass 0-bar_2_all.deb and 1-foo_1_amd64.deb to dpkg).

APT generally assumes that names are unique for caching purposes. If you reuse a name, users that have this file in their cache already will attempt to resume the download if the new file is larger, which will leave them with an invalid file that is subsequently discarded as it fails the checksum test. This error is however shown to the user, and they have to restart the installation run.