Friday, November 27, 2009

Package Management With Rpm

Package Management With Rpm

Using RPM

RPM has five basic modes of operation (not counting package building): installing, uninstalling, upgrading, querying, and verifying. This section contains an overview of each mode. For complete details and options try rpm --help, or turn to the Section called Additional Resources for more information on RPM.

Finding RPM Packages

Before using an RPM, you must know where to find them. An Internet search will return many RPM repositories, but if you are looking for RPM packages built by Red Hat, they can be found at the following locations:

• The official Red Hat Linux CD-ROMs

• The Red Hat Errata Page available at http://www.redhat.com/apps/support/errata/

• A Red Hat FTP Mirror Site available at http://www.redhat.com/download/mirror.html

• Red Hat Network — See Chapter 33 for more details on Red Hat Network

Installing

RPM packages typically have file names like foo-1.0-1.i386.rpm. The file name includes the package name (foo), version (1.0), release (1), and architecture (i386). Installing a package is as simple as logging in as root and typing the following command at a shell prompt:

rpm -Uvh foo-1.0-1.i386.rpm

If installation is successful, you will see the following:

Preparing... ########################################### [100%]

1:foo ########################################### [100%]

As you can see, RPM prints out the name of the package and then prints a succession of hash marks as the package is installed as a progress meter.

Starting with version 4.1 of RPM, the signature of a package is checked when installing or upgrading a package. If verifying the signature fails, you will see an error message such as:

error: V3 DSA signature: BAD, key ID 0352860f

If is it a new, header-only, signature, you will see an error message such as:

error: Header V3 DSA signature: BAD, key ID 0352860f

If you do not have the appropriate key installed to verify the signature, the message will contain NOKEY such as:

warning: V3 DSA signature: NOKEY, key ID 0352860f

Refer to the Section called Checking a Package's Signature for more information on checking a package's signature.

Note

If you are installing a kernel package, you should use rpm -ivh instead. Refer to Chapter 29 for details.

Installing packages is designed to be simple, but you may sometimes see errors.

Package Already Installed

If the package of the same version is already installed, you will see:

Preparing... ########################################### [100%]

package foo-1.0-1 is already installed

If you want to install the package anyway and the same version you are trying to install is already installed, you can use the --replacepkgs option, which tells RPM to ignore the error:

rpm -ivh --replacepkgs foo-1.0-1.i386.rpm

This option is helpful if files installed from the RPM were deleted or if you want the original configuration files from the RPM to be installed.

Conflicting Files

If you attempt to install a package that contains a file which has already been installed by another package or an earlier version of the same package, you will see:

Preparing... ########################################### [100%]

file /usr/bin/foo from install of foo-1.0-1 conflicts with file from package bar-2.0.20

To make RPM ignore this error, use the --replacefiles option:

rpm -ivh --replacefiles foo-1.0-1.i386.rpm

Unresolved Dependency

RPM packages can "depend" on other packages, which means that they require other packages to be installed in order to run properly. If you try to install a package which has an unresolved dependency, you will see:

Preparing... ########################################### [100%]

error: Failed dependencies:

bar.so.2 is needed by foo-1.0-1

Suggested resolutions:

bar-2.0.20-3.i386.rpm

If you are installing an official Red Hat, it will usually suggest the package(s) need to resolve the dependency. Find this package on the Red Hat Linux CD-ROMs or from the Red Hat FTP site (or mirror), and add it to the command:

rpm -ivh foo-1.0-1.i386.rpm bar-2.0.20-3.i386.rpm

If installation of both packages is successful, you will see:

Preparing... ########################################### [100%]

1:foo ########################################### [ 50%]

2:bar ########################################### [100%]

If it does not suggest a package to resolve the dependency, you can try the --redhatprovides option to determine which package contains the required file. You need the rpmdb-redhat package installed to use this options.

rpm -q --redhatprovides bar.so.2

If the package that contains bar.so.2 is in the installed database from the rpmdb-redhat package, the name of the package will be displayed:

bar-2.0.20-3.i386.rpm

If you want to force the installation anyway (a bad idea since the package probably will not run correctly), use the --nodeps option.

Uninstalling

Uninstalling a package is just as simple as installing one. Type the following command at a shell prompt:

rpm -e foo

Note

Notice that we used the package name foo, not the name of the original package file foo-1.0-1.i386.rpm. To uninstall a package, you will need to replace foo with the actual package name of the original package.

You can encounter a dependency error when uninstalling a package if another installed package depends on the one you are trying to remove. For example:

Preparing... ########################################### [100%]

error: removing these packages would break dependencies:

foo is needed by bar-2.0.20-3.i386.rpm

To cause RPM to ignore this error and uninstall the package anyway (which is also a bad idea since the package that depends on it will probably fail to work properly), use the --nodeps option.

Upgrading

Upgrading a package is similar to installing one. Type the following command at a shell prompt:

rpm -Uvh foo-2.0-1.i386.rpm

What you do not see above is that RPM automatically uninstalled any old versions of the foo package. In fact, you may want to always use -U to install packages, since it will work even when there are no previous versions of the package installed.

Since RPM performs intelligent upgrading of packages with configuration files, you may see a message like the following:

saving /etc/foo.conf as /etc/foo.conf.rpmsave

This message means that your changes to the configuration file may not be "forward compatible" with the new configuration file in the package, so RPM saved your original file, and installed a new one. You should investigate the differences between the two configuration files and resolve them as soon as possible, to ensure that your system continues to function properly.

Upgrading is really a combination of uninstalling and installing, so during an RPM upgrade you can encounter uninstalling and installing errors, plus one more. If RPM thinks you are trying to upgrade to a package with an older version number, you will see:

package foo-2.0-1 (which is newer than foo-1.0-1) is already installed

To cause RPM to "upgrade" anyway, use the --oldpackage option:

rpm -Uvh --oldpackage foo-1.0-1.i386.rpm

Freshening

Freshening a package is similar to upgrading one. Type the following command at a shell prompt:

rpm -Fvh foo-1.2-1.i386.rpm

RPM's freshen option checks the versions of the packages specified on the command line against the versions of packages that have already been installed on your system. When a newer version of an already-installed package is processed by RPM's freshen option, it will be upgraded to the newer version. However, RPM's freshen option will not install a package if no previously-installed package of the same name exists. This differs from RPM's upgrade option, as an upgrade will install packages, whether or not an older version of the package was already installed.

RPM's freshen option works for single packages or a group of packages. If you have just downloaded a large number of different packages, and you only want to upgrade those packages that are already installed on your system, freshening will do the job. If you use freshening, you will not have to delete any unwanted packages from the group that you downloaded before using RPM.

In this case, you can simply issue the following command:

rpm -Fvh *.rpm

RPM will automatically upgrade only those packages that are already installed.

Querying

Use the rpm -q command to query the database of installed packages. The rpm -q foo command will print the package name, version, and release number of the installed package foo:

foo-2.0-1

Note

Notice that we used the package name foo. To query a package, you will need to replace foo with the actual package name.

Instead of specifying the package name, you can use the following options with -q to specify the package(s) you want to query. These are called Package Specification Options.

• -a queries all currently installed packages.

• -f will query the package which owns . When specifying a file, you must specify the full path of the file (for example, /usr/bin/ls).
• -p queries the package .
There are a number of ways to specify what information to display about queried packages. The following options are used to select the type of information for which you are searching. These are called Information Selection Options.
• -i displays package information including name, description, release, size, build date, install date, vendor, and other miscellaneous information.
• -l displays the list of files that the package contains.
• -s displays the state of all the files in the package.
• -d displays a list of files marked as documentation (man pages, info pages, READMEs, etc.).
• -c displays a list of files marked as configuration files. These are the files you change after installation to adapt the package to your system (for example, sendmail.cf, passwd, inittab, etc.).
For the options that display lists of files, you can add -v to the command to display the lists in a familiar ls -l format.
Verifying
Verifying a package compares information about files installed from a package with the same information from the original package. Among other things, verifying compares the size, MD5 sum, permissions, type, owner, and group of each file.
The command rpm -V verifies a package. You can use any of the Package Selection Options listed for querying to specify the packages you wish to verify. A simple use of verifying is rpm -V foo, which verifies that all the files in the foo package are as they were when they were originally installed. For example:
• To verify a package containing a particular file:
rpm -Vf /bin/vi
• To verify ALL installed packages:
rpm -Va
• To verify an installed package against an RPM package file:
rpm -Vp foo-1.0-1.i386.rpm
• This command can be useful if you suspect that your RPM databases are corrupt.
If everything verified properly, there will be no output. If there are any discrepancies they will be displayed. The format of the output is a string of eight characters (a c denotes a configuration file) and then the file name. Each of the eight characters denotes the result of a comparison of one attribute of the file to the value of that attribute recorded in the RPM database. A single . (a period) means the test passed. The following characters denote failure of certain tests:
• 5 — MD5 checksum
• S — file size
• L — symbolic link
• T — file modification time
• D — device
• U — user
• G — group
• M — mode (includes permissions and file type)
• ? — unreadable file
If you see any output, use your best judgment to determine if you should remove or reinstall the package, or fix the problem in another way.

 
Things You Should Know About Linux !!!