Monday, 17 December 2012

RED HAT LINUX PACKAGE MANAGER (RPM) & RPM COMMANDS


What is RPM?

The RPM Package Manager (RPM) is an open packaging system, which runs on Red Hat Enterprise Linux as well as other Linux and UNIX systems.Red Hat, Inc. encourages other vendors to use RPM for their own products. RPM is distributed under the terms of the GPL. The utility works only with packages built for processing by the rpm package. For the end user, RPM makes system updates easy. Installing, uninstalling, and upgrading RPM packages can be accomplished with short commands. RPM maintains a database of installed packages and their files, so you can invoke powerful queries and verifications on your system. If you prefer a graphical interface, you can use the Package Management Tool to perform many RPM commands.

During upgrades, RPM handles configuration files carefully, so that you never lose your customizations — something that you cannot accomplish with regular .tar, .gz files. For the developer, RPM allows you to take software source code and package it into source and binary packages for end users. This process is quite simple and is driven from a single file and optional patches that you create. This clear delineation between pristine sources and your patches along with build instructions eases the maintenance of the package as new
versions of the software are released.

RPM Design 

To understand how to use RPM, it can be helpful to understand the design goals of RPM:
Upgradability
With RPM, you can upgrade individual components of your system without Completely reinstalling. When you get a new release of an operating system Based on RPM (such as Red Hat Enterprise Linux), you
do not need to reinstall on your machine (as you do with operating systems based on other packaging systems). RPM allows intelligent, fullyautomated, in-place upgrades of your system. Configuration files in
packages are preserved across upgrades, so you do not lose your customizations. There is no special upgrade files needed to upgrade a package because the same RPM file is used to install and upgrade the
package on your system.

Powerful Querying
RPM is designed to provide powerful querying options. You can do searches through your entire database for packages or just for certain files.You can also easily find out what package a file belongs to and from
where the package came. The files an RPM package contains are in a compressed archive, with a custom binary header containing useful information about the package and its contents, allowing you to query
individual packages quickly and easily.
System Verification

Another powerful RPM feature is the ability to verify packages. If you are worried that you deleted an important file for some package, you can verify the package. You are then notified of any anomalies, if any — at which point, you can reinstall the package if necessary. Any configuration files that you modified are preserved during reinstallation.

Pristine Sources
A crucial design goal was to allow the use of pristine software sources, as distributed by the original authors of the software. With RPM, you have the pristine sources along with any patches that were used, plus
complete build instructions. This is an important advantage for several reasons. For instance, if a new version of a program is released, you do not necessarily have to start from scratch to get it to compile. You can look at the patch to see what you might need to do. All the compiled-in defaults, and all of the changes that were made to get the software to build properly, are easily visible using this technique. The goal of keeping sources pristine may seem important only for developers, but it results in higher quality software for end users, too.

Using RPM

RPM has five basic modes of operation (not counting package building): installing, uninstalling, upgrading, querying, and verifying. This section contains an overview of each mode.

Finding RPM Packages

Before using any RPM packages, you must know where to find them. An Internet search returns many RPM repositories, but if you are looking for RPM packages built by Red Hat, they can be found at the following locations:

  •  The Red Hat Enterprise Linux CD-ROMs
  •  Red Hat Network

Installing

RPM packages typically have file names like foo-1.0-1.i386.rpm. The file name includes the package name (foo), version (1.0), release (1), and architecture (i386). To install a package, log in as root and type the following command at a shell prompt:
rpm -ivh foo-1.0-1.i386.rpm
Alternatively, the following command can also be used:
rpm -Uvh foo-1.0-1.i386.rpm
If the installation is successful, the following output is displayed:
Preparing...
########################################### [100%]
1:foo ###########################################[100%]
As you can see, RPM prints out the name of the package and then prints a succession of hash marks as a progress meter while the package is installed. The signature of a package is checked automatically when installing or upgrading a package. The signature confirms that the package was signed by an authorized

party. For example, if the verification of the signature fails, an error messagesuch as the following is displayed:
 error: V3 DSA signature: BAD, key ID 0352860f
If it is a new, header-only, signature, an error message such as the following is displayed:
error: Header V3 DSA signature: BAD, key ID 0352860f
If you do not have the appropriate key installed to verify the signature, the message contains the word NOKEY such as:
warning: V3 DSA signature: NOKEY, key ID 0352860f

Package Already Installed

If a package of the same name and version is already installed, the following output is displayed:
Preparing...
########################################### [100%]
package
foo-1.0-1 is already installed
However, if you want to install the package anyway, you can use the -- replacepkgs option, which tells RPM to ignore the error:
rpm -ivh --replacepkgs foo-1.0-1.i386.rpm
This option is helpful if files installed from the RPM were deleted or if you want
the original configuration files from the RPM to be installed.

Conflicting Files

If you attempt to install a package that contains a file which has already been installed by another package, the following is displayed:

Preparing...
########################################### [100%]
file
/usr/bin/foo from install of foo-1.0-1 conflicts with file from package bar-2.0.20.To make RPM ignore this error, use the --replacefiles option:
rpm -ivh --replacefiles foo-1.0-1.i386.rpm

Unresolved Dependency

RPM packages may sometimes depend on other packages, which mean that they require other packages to be installed to run properly. If you try to install a package which has an unresolved dependency, output similar to the following is displayed:
error: Failed dependencies: bar.so.2 is needed by foo-1.0-1 Suggested
resolutions: bar-2.0.20-3.i386.rpm
If you are installing a package from the Red Hat Enterprise Linux CDROM set, it usually suggests the package(s) needed to resolve the dependency.Find the suggested package(s) on the Red Hat Enterprise Linux CDROMs or from Red Hat Network, and add it to the command:
rpm -ivh foo-1.0-1.i386.rpm bar-2.0.20-3.i386.rpm
If installation of both packages is successful, output similar to the following is displayed:
Preparing...
########################################### [100%]
1:foo
########################################### [ 50%]
2:bar
########################################### [100%]
If it does not suggest a package to resolve the dependency, you can try the – redhat provides option to determine which package contains the required file. You need the rpmdb-redhat package installed to use this option.
rpm -q --redhatprovides bar.so.2

If the package that contains bar.so.2 is in the installed database from the rpmdb-redhat package, the name of the package is displayed:
bar-2.0.20-3.i386.rpm
To force the installation anyway (which is not recommended since the package may not run correctly), use the --nodeps option.

Uninstalling

Uninstalling a package is just as simple as installing one. Type the following command at a shell prompt:
rpm -e foo

You can encounter a dependency error when uninstalling a package if another installed package depends on the one you are trying to remove. For example:
error: Failed dependencies: foo is needed by (installed) bar-2.0.20-3.i386.rpm
To make RPM ignore this error and uninstall the package anyway (which may break the package dependent on it) use the --nodeps option.

Upgrading

Upgrading a package is similar to installing one. Type the following command at a shell prompt:
rpm -Uvh foo-2.0-1.i386.rpm
As part of upgrading a package, RPM automatically uninstalls any old versions of the foo package. Note that -U will also install a package even when there are no previous versions of the package installed.Because RPM performs intelligent upgrading of packages with configuration files, you may see a message like the following:

saving /etc/foo.conf as /etc/foo.conf.rpmsave
This message means that changes you made to the configuration file may not be forward compatible with the new configuration file in the package, so RPM saved your original file and installed a new one. You should investigate the differences between the two configuration files and resolve them as soon as possible, to ensure that your system continues to function properly. If you attempt to upgrade to a package with an older version number (that is, if a more updated version of the package is already installed), the output is similar to
the following:
 package foo-2.0-1 (which is newer than foo-1.0-1) is already installed
To force RPM to upgrade anyway, use the --oldpackage option:
rpm -Uvh --oldpackage foo-1.0-1.i386.rpm

Freshening

Freshening is similar to upgrading, except that only existent packages are upgraded. Type the following command at a shell prompt:
 rpm -Fvh foo-1.2-1.i386.rpm
RPM's freshen option checks the versions of the packages specified on the command line against the versions of packages that have already been installed on your system. When a newer version of an already-installed package is processed by RPM's freshen option, it is upgraded to the newer version. However, RPM's freshen option does not install a package if no previously installed package of the same name exists. This differs from RPM's upgrade option, as an upgrade does install packages whether or not an older version of the package was already installed. Freshening works for single packages or package groups. If you have just downloaded a large number of different packages, and you only want to upgrade those packages that are already installed on your system, freshening does the job. Thus, you do not have to

delete any unwanted packages from the group that you downloaded before using RPM. In this case, issue the following command:
rpm -Fvh *.rpm
RPM automatically upgrades only those packages that are already installed.

Querying

The RPM database stores information about all RPM packages installed in your system. It is stored in the directory /var/lib/rpm/, and is used to query what packages are installed, what versions each package is, and any changes to any files in the package since installation, among others.To query this database, use the -q option. The rpm -q package name command displays the package name, version, and release number of the
installed package name. For example, using rpm -q foo to query installed package foo might generate the following output:
 foo-2.0-1
You can also use the following Package Selection Options with -q to further refine or qualify
Your query:

  • -a — queries all currently installed packages.
  •  -f <filename> — queries the RPM database for which package owns <filename>. When specifying a            file, specify the absolute path of the file (for example, rpm -f /bin/ls).
  •  -p <packagefile> — queries the uninstalled package <packagefile>.

There are a number of ways to specify what information to display about queried packages. The following options are used to select the type of information for which you are searching. These are called Information Query Options.


  •  -i displays package information including name, description, release, size, build date, install date, vendor, and other miscellaneous information.
  • -l displays the list of files that the package contains.
  •  -s displays the state of all the files in the package.
  •  -d displays a list of files marked as documentation (man pages, info pages, READMEs, etc.).
  • -c displays a list of files marked as configuration files. These are the files you edit after installation to adapt and customize the package to your system (for example, sendmail.cf, passwd, inittab, etc.).


 Verifying

Verifying a package compares information about files installed from a package with the same information from the original package. Among other things, verifying compares the size, MD5 sum, permissions, type, owner, and group of each file. The command rpm -V verifies a package. You can use any of the
Package Verify Options listed for querying to specify the packages you wish to verify. A simple use of verifying is rpm -V foo, which verifies that all the files in the foo package are as they were when they were originally installed. For example:
To verify a package containing a particular file:
rpm -Vf /usr/bin/foo
In this example, /usr/bin/foo is the absolute path to the file used to query a package.
To verify ALL installed packages throughout the system:
rpm -Va
To verify an installed package against an RPM package file:
rpm -Vp foo-1.0-1.i386.rpm
This command can be useful if you suspect that your RPM databases are corrupt. If everything verified properly, there is no output. If there are any discrepancies, they are displayed. The format of the output is a string of eight characters (a c denotes a configuration file) and then the file name. Each of the eight characters denotes the result of a comparison of one attribute of the file to the value of that attribute recorded in the RPM database. A single period (.) means the test passed. The following characters denote specific discrepancies:


  •  5 — MD5 checksum
  •  S — file size
  •  L — symbolic link
  •  T — file modification time
  •  D — device
  •  U — user
  •  G — group
  •  M — mode (includes permissions and file type)
  •  ? — unreadable file

If you see any output, use your best judgment to determine if you should remove the package, reinstall it, or fix the problem in another way.

Checking a Package's Signature

If you wish to verify that a package has not been corrupted or tampered with, examine only the md5sum by typing the following command at a shell prompt (where <rpm-file> is the file name of the RPM package):
rpm -K --nosignature <rpm-file>
The message <rpm-file>: md5 OK is displayed. This brief message means that the file was not corrupted by the download. To see a more verbose message, replace -K with -Kvv in the command.On the other hand, how trustworthy is the developer who created the package? Ifthe package is signed with the developer's GnuPG key, you know that the developer really is who they say they are. An RPM package can be signed using Gnu Privacy Guard (or GnuPG), to help you make certain your downloaded package is trustworthy.
GnuPG is a tool for secure communication; it is a complete and free replacement for the encryption technology of PGP, an electronic privacy program. With GnuPG, you can authenticate the validity of documents and encrypt/decrypt data to and from other recipients. GnuPG is capable of decrypting and verifying PGP 5.x files as well. During installation, GnuPG is installed by default. That way you can

immediately start using GnuPG to verify any packages that you receive from Red Hat. Before doing so, you must first import Red Hat's public key.

Importing Keys

To verify Red Hat packages, you must import the Red Hat GPG key. To do so, execute the following command at a shell prompt:
 rpm --import /usr/share/rhn/RPM-GPG-KEY
To display a list of all keys installed for RPM verification, execute the command:
 rpm -qa gpg-pubkey*
For the Red Hat key, the output includes:
gpg-pubkey-db42a60e-37ea5438
To display details about a specific key, use rpm -qi followed by the output from the previous command:
rpm -qi gpg-pubkey-db42a60e-37ea5438
Verifying Signature of Packages
To check the GnuPG signature of an RPM file after importing the builder's GnuPG key, use the following command (replace <rpm-file> with the filename of the RPM package):
rpm -K <rpm-file>
If all goes well, the following message is displayed: md5 gpg OK. This means that the signature of the package has been verified, and that it is not corrupt.

Practical and Common Examples of RPM Usage

RPM is a useful tool for both managing your system and diagnosing and fixing problems. The best way to make sense of all of its options is to look at some
examples.
Perhaps you have deleted some files by accident, but you are not sure what you deleted. To verify your entire system and see what might be
missing, you could try the following command:
rpm -Va

If some files are missing or appear to have been corrupted, you should probably either re-install the package or uninstall and then re-install the package.
At some point, you might see a file that you do not recognize. To find
out which package owns it, enter:
rpm -qf /usr/bin/ggv
The output would look like the following:
 ggv-2.6.0-2
We can combine the above two examples in the following scenario. Say you are having problems with /usr/bin/paste. You would like to verify the package that owns that program, but you do not know which package owns paste. Enter the following command,
rpm -Vf /usr/bin/paste
and the appropriate package is verified.
Do you want to find out more information about a particular program? You can try the following command to locate the documentation which came with the package that owns that program:
rpm -qdf /usr/bin/free
The output would be similar to the following:

  •  /usr/share/doc/procps-3.2.3/BUGS /usr/share/doc/procps-3.2.3/FAQ
  •  /usr/share/doc/procps-3.2.3/NEWS /usr/share/doc/procps-3.2.3/TODO
  •  /usr/share/man/man1/free.1.gz /usr/share/man/man1/pgrep.1.gz
  •  /usr/share/man/man1/pkill.1.gz /usr/share/man/man1/pmap.1.gz
  •  /usr/share/man/man1/ps.1.gz /usr/share/man/man1/skill.1.gz
  • /usr/share/man/man1/slabtop.1.gz /usr/share/man/man1/snice.1.gz
  •  /usr/share/man/man1/tload.1.gz /usr/share/man/man1/top.1.gz
  • /usr/share/man/man1/uptime.1.gz /usr/share/man/man1/w.1.gz
  •  /usr/share/man/man1/watch.1.gz /usr/share/man/man5/sysctl.conf.5.gz
  •  /usr/share/man/man8/sysctl.8.gz /usr/share/man/man8/vmstat.8.gz

You may find a new RPM, but you do not know what it does. To find informationabout it, use the following command:
rpm -qip crontabs-1.10-7.noarch.rpm
The output would be similar to the following: Name : crontabs Relocations: (not relocatable)
Version : 1.10 Vendor: RedHat, Inc. Release : 7 Build Date: Mon 20 Sep 2003

05:58:10 PM EDT Install Date: (not installed) Build Host: tweety.build.redhat.com Group : System
Environment/Base Source RPM: crontabs-1.10-7.src.rpm Size : 1004 License: Public Domain Signature :
DSA/SHA1, Wed 05 Jan 2005 06:05:25 PM EST, Key ID 219180cddb42a60e Packager : Red Hat, Inc.
<http://bugzilla.redhat.com/bugzilla> Summary : Root crontab files used to schedule the execution of
programs. Description : The crontabs package contains root crontab files. Crontab is the program
used to install, uninstall, or list the tables usedto drive the cron daemon. The cron daemon checks the
crontab files to see when particular commands are Scheduled to be executed. If commands are scheduled,
then it executes them.
Perhaps you now want to see what files the crontabsRPM installs. You would enter the following:
rpm -qlp crontabs-1.10-5.noarch.rpm
The output is similar to the following:

  •  /etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly
  •  /etc/crontab /usr/bin/run-parts

These are just a few examples. As you use RPM, you may find more uses for it.

Installed Documentation

 rpm --help — This command displays a quick reference of RPM
parameters.
 man rpm — The RPM man page gives more detail about RPM parameters
than the rpm--help command



















No comments:

Post a Comment