Using RPM

Previous page
Table of content
Next page


RPM has five basic modes of operation (not counting package building): installing, uninstalling, upgrading, querying, and verifying. The following sections contain an overview of each mode. For complete details and options try rpm --help, or see the “Additional Resources” section later in this chapter for more sources of information on RPM.

Finding RPM Packages

Before using an RPM, you must know where to find them. An Internet search will return many RPM repositories, but if you are looking for RPM packages built by Red Hat, you can find them at the following locations:

  • The official Red Hat Linux CD-ROMs

  • The Red Hat Errata Page available at the following URL:

     http://www.redhat.com/apps/support/errata/

  • A Red Hat FTP mirror site; many of these mirror sites are available at the following URL:

     http://www.redhat.com/download/mirror.html

  • The Red Hat Network. See Chapter 19 for more information on the Red Hat Network

Installing a Package

RPM packages typically have file names like foo-1.0-1.i386.rpm. The file name includes the package name (foo), the package version (1.0), the release (1), and the architecture for which the package was intended (i386). Installing this example package is as simple as logging in as root and typing the following command at a shell prompt:

rpm -Uvh foo-1.0-1.i386.rpm

The -Uvh options that follow the command specify that you want to install or upgrade the package, that you want to see verbose messages, and that you want to see hash marks (#) while the package is installing.

If installation is successful, you will see the following:

Preparing...                   ########################################### [100%]     1:foo                      ########################################### [100%]

As you can see, RPM prints out the name of the package and then prints a succession of hash marks as the package is installed as a progress meter.

The signature of a package is checked when installing or upgrading a package. If verifying the signature fails, you will see an error message such as:

error: V3 DSA signature: BAD, key ID 0352860f

If is it a new, header-only signature, you will see an error message such as:

error: Header V3 DSA signature: BAD, key ID 0352860f

If you do not have the appropriate key installed to verify the signature, the message will contain NOKEY such as:

warning: V3 DSA signature: NOKEY, key ID 0352860f

See the “Checking a Package’s Signature” section later in this chapter for more information on checking a package's signature.

Installing packages is designed to be simple, but you may sometimes see errors. The following sections describe the most common package installation errors.

Package Already Installed

If the package of the same version is already installed, you will see the following error:

Preparing...                   ########################################### [100%] package foo-1.0-1 is already installed

If you want to install the package anyway and the same version you are trying to install is already installed, you can use the --replacepkgs option, which tells RPM to ignore the error. The installation command would then look as follows:

rpm -ivh --replacepkgs foo-1.0-1.i386.rpm

This option is helpful if files installed from the RPM were deleted or if you want the original configuration files from the RPM to be installed.

Conflicting Files

If you attempt to install a package containing a file that has already been installed by another package or an earlier version of the same package, you will see the following error:

Preparing...                   ########################################### [100%] file /usr/bin/foo from install of foo-1.0-1 conflicts with file from package bar-2.0.20

To make RPM ignore this error, use the --replacefiles option as follows:

rpm -ivh --replacefiles foo-1.0-1.i386.rpm

Unresolved Dependency

RPM packages can depend on other packages, which means that they require other packages to be installed in order to run properly. If you try to install a package that has an unresolved dependency, you will see the following error:

Preparing...                   ########################################### [100%] error: Failed dependencies:         bar.so.2 is needed by foo-1.0-1     Suggested resolutions:         bar-2.0.20-3.i386.rpm

If you are installing an official Red Hat package, the system will usually suggest the package(s) needed to resolve the dependency. You can then find this package on the Red Hat Linux CD-ROMs or from the Red Hat FTP site (or mirror), and add it to the command, as follows:

rpm -ivh foo-1.0-1.i386.rpm bar-2.0.20-3.i386.rpm

If installation of both packages is successful, you will see the following output:

Preparing...                   ########################################### [100%]     1:foo                      ########################################### [ 50%]     2:bar                      ########################################### [100%]

If the system does not suggest a package to resolve the dependency, you can try the --redhatprovides option as follows to determine which package contains the required file. You need the rpmdb-redhat package installed to use this option.

rpm -q --redhatprovides bar.so.2

If the package that contains bar.so.2 is in the installed database from the rpmdb-redhat package, the name of the package will be displayed:

bar-2.0.20-3.i386.rpm

If you want to force the installation anyway (a bad idea since the package probably will not run correctly), use the --nodeps option.

Uninstalling a Package

Uninstalling a package is just as simple as installing one. Type the following command at a shell prompt:

rpm -e foo-1.0-1.i386.rpm
Note

Make sure to use the actual name of the original package in your uninstall command.

You may encounter a dependency error when uninstalling a package if another installed package depends on the one you are trying to remove. For example:

Preparing...                   ########################################### [100%] error: removing these packages would break dependencies:         foo is needed by bar-2.0.20-3.i386.rpm

To cause RPM to ignore this error and uninstall the package anyway (which is also a bad idea because the package that depends on it will probably thereafter fail to work properly), use the --nodeps option.

Upgrading

Upgrading a package is similar to installing one. To upgrade the foo package, for example, you would type the following command at a shell prompt:

rpm -Uvh foo-2.0-1.i386.rpm

The use of the -U option in the above command makes RPM automatically uninstalls any old versions of the foo package.

Tip

You may want to always use -U to install packages;the command will work even when there are no previous versions of the package installed.

Because RPM performs intelligent upgrading of packages with configuration files, you may see a message similar to the following:

saving /etc/foo.conf as /etc/foo.conf.rpmsave

This message means that your changes to the configuration file may not be forward compatible with the new configuration file in the package, so RPM saved your original file and installed a new one.

You should investigate the differences between the two configuration files and resolve them as rapidly as possible to ensure that your system continues to function properly.

Upgrading is really a combination of uninstalling and installing, so during an RPM upgrade you may encounter uninstalling and installing errors, plus one more. If RPM thinks you are trying to upgrade to a package with an older version number, you will see an error message similar to the following:

package foo-2.0-1 (which is newer than foo-1.0-1) is already installed

To force RPM to "upgrade" anyway, use the --oldpackage option, as follows:

rpm -Uvh --oldpackage foo-1.0-1.i386.rpm

Freshening a Package

Freshening a package is similar to upgrading one. To freshen the foo package, for example, type the following command at a shell prompt:

rpm -Fvh foo-1.2-1.i386.rpm

RPM's freshen option checks the versions of the packages specified in the command against the versions of packages that have already been installed on your system. When a newer version of an already-installed package is processed by RPM's freshen option, it will be upgraded to the newer version. However, RPM's freshen option will not install a package if no previously-installed package of the same name exists. This differs from RPM's upgrade option, as an upgrade will install packages whether or not an older version of the package was already installed.

RPM's freshen option works for single packages or a group of packages. If you have just downloaded a large number of different packages and you only want to upgrade those packages that are already installed on your system, freshening will do the job. If you use freshening, you will not have to delete any unwanted packages from the group that you downloaded before using RPM.

In this case, you can simply issue the following command:

rpm -Fvh *.rpm

RPM will automatically upgrade only those packages that are already installed.

Querying a Package

Use the rpm -q command to query the database of installed packages. The rpm -q foo command will print the package name, version, and release number of the installed package foo:

foo-2.0-1
Note

Notice that we used the package name foo. To query a package, you will need to replace foo with the actual package name.

Instead of specifying the package name, you can use the following options along with -q to specify the package(s) you want to query. These are called Package Specification Options.

  • -a — Queries all currently installed packages.

  • -f file— Queries the package which owns file. When specifying a file, you must specify the full path of the file (for example, /usr/bin/ls).

  • -pZ packagefile— Queries the package packagefile.

There are a number of ways to specify what information to display about queried packages. The following options are used to select the type of information for which you are searching. These are called Information Selection Options.

  • -i — Displays package information including name, description, release, size, build date, install date, vendor, and other miscellaneous information.

  • -l — Displays the list of files that the package contains.

  • -s — Displays the state of all the files in the package.

  • -d — Displays a list of files marked as documentation (man pages, info pages, READMEs, etc.).

  • -c — Displays a list of files marked as configuration files. These are the files you change after installation to adapt the package to your system (for example, sendmail.cf, passwd, inittab, etc.).

    Tip

    For options that display lists of files, you can add -v to the command to display the lists in a familiar ls -l format.

Verifying a Package

Verifying a package compares information about files installed from a package with the same information from the original package. Among other things, verifying compares the size, MD5 sum, permissions, type, owner, and group of each file.

The command rpm -V verifies a package. You can use any of the Package Selection Options listed for querying to specify the packages you wish to verify. A simple use of verifying is rpm -V foo (where foo is the package you’re verifying), which verifies that all the files in the foo package are as they were when they were originally installed.

For example:

  • To verify a package containing a particular file (in this case, the vi file), use the following command:

    rpm -Vf /bin/vi

  • To verify ALL installed packages, use the following command:

    rpm -Va

  • To verify an installed package against an RPM package file, use the following command:

    rpm -Vp foo-1.0-1.i386.rpm

    This command can be useful if you suspect that your RPM databases are corrupt.

If everything verified properly, there will be no output. If there are any discrepancies, they will be displayed. The format of the output is a string of eight characters (a c denotes a configuration file) and then the file name. Each of the eight characters denotes the result of a comparison of one attribute of the file to the value of that attribute recorded in the RPM database. A single . (a period) means the test passed. The characters listed in Table 20-1 denote failure of certain tests.

Table 20-1: Error Code Characters

Error Character

What Failed

5

MD5 checksum

S

File size

L

Symbolic link

T

File modification time

D

Device

U

User

G

Group

M

Mode (includes permissions and file type)

?

Unreadable file

If you see any output, use your best judgment to determine whether you should remove or reinstall the package or fix the problem in another way.

Checking a Package's Signature

If you wish to verify that a package has not been corrupted or tampered with, examine only the md5sum by typing the following command at a shell prompt (replace rpm-file with the filename of the RPM package):

rpm -K --nogpg rpm-file

You will see the following message 

rpm-file : md5 OK

This brief message means that the file was not corrupted by the download.

Tip

To see a more verbose message, replace -K with -Kvv in the command.

On the other hand, how trustworthy is the developer who created the package? If the package is signed with the developer's GnuPG key, you will know that the developer really is who he says he is.

An RPM package can be signed using the Gnu Privacy Guard (or GnuPG), to help you make certain your downloaded package is trustworthy.

GnuPG is a tool for secure communication; it is a complete and free replacement for the encryption technology of PGP, an electronic privacy program. With GnuPG, you can authenticate the validity of documents and encrypt/decrypt data to and from other recipients. GnuPG is capable of decrypting and verifying PGP 5.x files as well.

During the installation of Red Hat Linux, GnuPG is installed by default. That way you can immediately start using GnuPG to verify any packages that you receive from Red Hat. First, you will need to import Red Hat's public key.

Importing Keys

To verify official Red Hat packages, you must import the Red Hat GPG key. To do so, execute the following command at a shell prompt:

rpm --import /usr/share/rhn/RPM-GPG-KEY

To display a list of all keys installed for RPM verification, execute the command:

rpm -qa gpg-pubkey*

For the Red Hat key, the output will include:

gpg-pubkey-db42a60e-37ea5438

To display details about a specific key, use rpm -qi followed by the output from the previous command, as follows:

rpm -qi gpg-pubkey-db42a60e-37ea5438

Verifying the Signature of Packages

To check the GnuPG signature of an RPM file after importing the builder's GnuPG key, use the following command (replace rpm-file with filename of the RPM package):

rpm -K rpm-file

If all goes well, you will see the message: md5 gpg OK. That means that the signature of the package has been verified and that it is not corrupt.


Previous page
Table of content
Next page
The Red Hat Documentation Team - Official Red Hat Linux User's Guide
The Red Hat Documentation Team - Official Red Hat Linux User's Guide
ISBN: N/A
EAN: N/A
Year: 2002
Pages: 223
BUY ON AMAZON
Certified Ethical Hacker Exam Prep
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
FileMaker Pro 8: The Missing Manual
C++ How to Program (5th Edition)
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy