Objectives
- Understand how the RPM system is organized and which operations it can accomplish
- Explain the naming conventions used for both binary and source rpm files
- Know how to query, verify, install, uninstall, upgrade and freshen packages
- Grasp why new kernels should be installed rather than upgraded
- Know how to use rpm2cpio to copy packaged files into a cpio archive, as well as to extract the files without installing them
RPM
Red Hat Package Management.
rpm files are distribution-dependent
Advantages of Using RPM
Advantages for system administrators
- Determine what package any file on the system is part of
- Determine what version is installed
- Installing and Unistalling packages
- Verify that a package was installed correctly
- Distinguish documentation files from the rest of the files
- Use ftp or HTTP to install packages over the Internet
Package File Names
RPM package file names are based on fields that represent specific information, as documented in the RPM standard "http://www.rpm.org"
- The standard naming format for a binary package is
- <name>-<version>-<release>.<distro>.<architecture>.rpm
- sed-4.2.2-10.e16.x86_64.rpm
- The standard naming format for a source package is
- <name>-<version>-<release>.<distro>.src.rpm
- sed-4.2.1-10.e16.src.rpm
Database Directory
/var/lib/rpm
Is the default system directory which holds RPM database files in the form of Berkeley DB hash files. The database files should not be manually modified.
An alternative database directory can be specified with the --dbpath option to the rpm program. We could use it to analyze the database copied from another system.
You can use the --rebuilddb option to rebuild the database indices from the installed package headers. This is more of a repair and not a rebuild from scratch
Helper Programs and Modifying Settings
Programs and helper scripts used by RPM reside in
/usr/lib/rpm
There are several of them
$ ls /usr/lib/rpm | wc -l 69
We can create a rpmrc file to specify default settings for rpm. By default rpm looks for :
- /usr/lib/rpm/rpmrc
- /etc/rpmrc
- ~/.rpmrc
This is the order in which rpm search for its configuration file. It will stops as soon as it finds one. An alternative rpmrc file can be specified using the --rcfile option.
Queries
All rpm queries include the -q option, which can be combined with numerous sub-options as in:
- Which version of a package is installed
- $ rpm -q bash
- Which package did this file come from
- $ rpm -qf /bin/bash
- What files were installed by this package
- $ rpm -ql bash
- Show information about this package
- $ rpm -qi bash
- Show information about this package from the package file, not the package database
- $ rpm -qip foo-1.0.0.1.noarch.rpm
- List all install packages on this system
- $ rpm -qa
A couple of other useful option are --requires and --whatprovides
- Return a list of prerequisites for a package
- $ rpm -qp --requires foo-1.0.0-1.noarch.rpm
- Show what installed package provides a particular requisite package
- $ rpm -q --whatprovides libc.so.6
Verifying Packages
The -V option to rpm allows you to verify whether the files from a particular package are consistent with the system's RPM database. To verify all packages installed on the system :
$ rpm -Va S.5....T. c /var/lib/unbound/root.key S.5....T. c /etc/cups/cups-browsed.conf .M....... /var/log/journal ....L.... /usr/lib/os-release S.5....T. c /etc/hba.conf missing /var/run/wpa_supplicant .......T. c /etc/kdump.conf .M....... /var/lib/nfs/rpc_pipefs S.5....T. c /etc/plymouth/plymouthd.conf .M....... /run/libgpod ..5....T. /var/lib/selinux/targeted/active/commit_num .......T. /var/lib/selinux/targeted/active/homedir_template .......T. /var/lib/selinux/targeted/active/users_extra .M....G.. /var/log/gdm .M....... c /etc/cups/subscriptions.conf ....L.... c /etc/pam.d/fingerprint-auth ....L.... c /etc/pam.d/password-auth ....L.... c /etc/pam.d/postlogin ....L.... c /etc/pam.d/smartcard-auth ....L.... c /etc/pam.d/system-auth
Each of the characters displayed above denotes the result of a comparison of attribute(s) of the file to the value of those attributes recorded in the database.
- A single "." means the test passed
- A single "?" indicates the test could not be performed
- S
- File size differs
- M
- File permissions and/or type differs
- 5
- MD5 checksum differs
- D
- Device major/minor number mismatch
- L
- Symbolic link path mismatch
- U
- User ownership differs
- G
- Group ownership differs
- T
- Modification time differs
- P
- Capabilities differ
Examing specific packages
No output when everything is OK
$ rpm -V bash
Output indicating that a file's size, checksum and modification time have changed
$ rpm -V talk S.5....T in.ntalkd.8
Output indicating that a file is missing
$ rpm -V talk missing /usr/bin/talk
Installing Packages
$ sudo rpm -ivh foo-1.0.0-1.noarch.rpm
- i
- Install
- v
- Verbose
- h
- Print hash marks while doing to show progress
Task performed by RPM when installing
- Dependency checks
- Conflict check
- Execute commands required befor installation
- Manage configuration files
- Unpacks the files from packages and install them
- Execute commands after installation
- Updates the system RPM database
Uninstalling Packages
The -e option causes rpm to uninstall (erase) a package.
If the installation fails with an error it could be because the package has not been installed yet or is required by other packages.
A sucessful uninstall produces no output
$ sudo rpm -e system-config-lvm
In order to test the unistall process we can use the flag --test
$ sudo rpm -e --test system-config-lvm
Upgrading Packages
Upgrading replaces the original package (if installed) as in
$ sudo rpm -Uvh bash-4.2.45-5.el7_0.4.x86_64.rpm
You can give a list of package names, not just one.
When upgrading the already installed package is removed after the newer version is installed. Only the configuration files remains from the original installation which are kept with a .rpmsave extension.
If you use the -U option and the package is not already installed, it is simply installed and there is no error.
The -i option is not designed for upgrades, attempting to install a new RPM package over an older one fails with error message because it tries to overwrite existing system files.
However different versions of the same package may be installed if each version of the package does not contain the same files.
Kernel packages and library packages from other architectures are typically the only packages that would be commonly installed multiple times.
If you want to downgrade with rpm we must add the --oldpackage option to the command line
Freshening Packages
The command
$ sudo rpm -Fvh *.rpm
Will attempt to freshen all the packages in the current directory. This is the way it works
- If an older version of a package is installed, it will upgrade to the newer version in the directory
- If the version on the system is the same as the one in the directory, nothing happens
- If there is no version of a package installed, the package in the directory is ignored
Freshening can be useful for applying a lot of patches.
Upgrading the Kernel
$ sudo rpm -ivh kernel-{version}.{arch}.rpmFilling in the correct version and architecture names.
When you do this the GRUB configuration file will automatically be updated to include the new version. It will be the default choice at boot unless you reconfigure the system to do something else.
Once the new kernel version has been tested, you may remove the old version if you wish, though this is not necessary. Unless you are short on space, it is recommended that you keep one or more older kernels available.
Using rpm2cpio
Suppose you have a need to extract files from an rpm but do not want to actually install the package?
The rpm2cpio program can be used to copy the files from an rpm to a cpio archive, and also extract the files if so desired.
Create the cpio archive with
$ rpm2cpio foobar.rpm > foobar.cpio
To list files in an rpm
$ rpm2cpio foobar.rpm | cpio -t
or
$ rpm -qilp foobar.rpm
To extract onto the system
$ rpm2cpio bash-4.2.45-5.el7_0.4.x86_64.rpm | cpio -ivd bin/bash $ rpm2cpio foobar.rpm | cpio --extract --make-directories
