Some Useful RPM Package Manager Commands
RPM is an acronym for RPM Package Manager. Just like with GNU (GNU is not Unix), it has a recursive name. RPM is also known as the Red Hat Package Manager. RPM is mainly used for package management in Red Hat Enterprise Linux. Since RPM is a free software, distributed under GPL license, some popular distros like CentOS (Community Enterprise Operating System) is also using RPM as a package manager.
First, we'll download an RPM package to work on. Let's get started with some examples. I'll be using wget package for practice. You can download wget RPM package from here
Install, Upgrade, Remove and Freshen an RPM Package
To install an RPM package, you can use -i or --install flag, followed by the package file:
root@localhost ~]# ls
anaconda-ks.cfg wget-1.14-18.el7_6.1.x86_64.rpm
root@localhost ~]# rpm -i wget-1.14-18.el7_6.1.x86_64.rpm
root@localhost ~]# echo $?
0
Ummm... Is this thing on? Well, yes. We haven't got any errors and our echo $? returned 0, we can say that our package has been installed successfully.
To remove an RPM package, simply use -e or --erase. Notice that this command requires the package name, not the package file itself:
root@localhost ~]# rpm -e wget
root@localhost ~]# wget
-bash: wget: command not found
Freshen is some kind of update. But it only works if an earlier version has already been installed. If the given package is newer than the installed one, RPM freshens the package:
rpm -F wget-1.14-18.el7_6.1.x86_64.rpm
root@localhost ~]# wget
-bash: wget: command not found
Since we've already removed the wget package, we couldn't freshen it. Nothing has changed. Bottom line, RPM freshen means "update an already installed package".
RPM upgrade works different than freshen. This command will check if the given RPM file has already been installed. If not, it'll install it. If the package has already installed but given package file contains a newer version, rpm -U will upgrade the package:
root@localhost ~]# wget
-bash: wget: command not found
root@localhost ~]# rpm -U wget-1.14-18.el7_6.1.x86_64.rpm
root@localhost ~]# wget
wget: missing URL
Since we didn't have the wget package, rpm -U installed it.
If you want to see the progress of installation, you can use -h or --hash. This will display hashes during installation to inform you about progress:
root@localhost ~]# rpm -e wget
root@localhost ~]# rpm -ih wget-1.14-18.el7_6.1.x86_64.rpm
Updating / installing...
################################# 100%]
List All Installed RPM Packages
To list all RPM packages installed on a system, we can combine RPM query (-q) with all (-a) flag:
root@localhost ~]# rpm -qa
openssh-clients-7.4p1-21.el7.x86_64
setup-2.8.71-11.el7.noarch
audit-2.8.5-4.el7.x86_64
ncurses-base-5.9-14.20130511.el7_4.noarch
aic94xx-firmware-30-6.el7.noarch
dracut-config-rescue-033-572.el7.x86_64
.....................
crontabs-1.11-6.20121102git.el7.noarch
openssh-7.4p1-21.el7.x86_64
alsa-tools-firmware-1.1.0-1.el7.x86_64
teamd-1.29-3.el7.x86_64
python-pyudev-0.15-9.el7.noarch
Further, you can pipe this output to wc -l or nl to see how many RPM packages installed on a system:
What Package Did This File Come From?
Let's assume you've bumped into a configuration file, yet have no idea what package brought this file. You can use RPM to query this information. -q for query and -f for file:
root@localhost ~]# ls /etc/crontab
/etc/crontab
root@localhost ~]# rpm -qf /etc/crontab
crontabs-1.11-6.20121102git.el7.noarch
As you can see, the /etc/crontab file came with the crontabs package.
Find Dependencies of a Package
If you need to find out dependencies of an RPM package, you can use -R (requires) flag in your queries. Note that this query requires the package name, not the package file:
root@localhost ~]# rpm -qR wget-1.14-18.el7_6.1.x86_64.rpm
package wget-1.14-18.el7_6.1.x86_64.rpm is not installed
root@localhost ~]# rpm -qR wget
/bin/sh
/bin/sh
/sbin/install-info
/sbin/install-info
config(wget) = 1.14-18.el7_6.1
libc.so.6()(64bit)
libc.so.6(GLIBC_2.11)(64bit)
libc.so.6(GLIBC_2.14)(64bit)
libc.so.6(GLIBC_2.15)(64bit)
libc.so.6(GLIBC_2.17)(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libc.so.6(GLIBC_2.4)(64bit)
libc.so.6(GLIBC_2.8)(64bit)
libcrypto.so.10()(64bit)
libcrypto.so.10(libcrypto.so.10)(64bit)
libdl.so.2()(64bit)
libidn.so.11()(64bit)
libidn.so.11(LIBIDN_1.0)(64bit)
libpcre.so.1()(64bit)
libssl.so.10()(64bit)
libssl.so.10(libssl.so.10)(64bit)
libuuid.so.1()(64bit)
libuuid.so.1(UUID_1.0)(64bit)
libz.so.1()(64bit)
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
rpmlib(PayloadIsXz) <= 5.2-1
List All The Files Came With a Package
You've installed a package and you need to know the files came with this package. Like a configuration file, binaries or documentation. You can combine -l or --list with your query:
root@localhost ~]# rpm -ql crontabs
/etc/cron.daily
/etc/cron.hourly
/etc/cron.monthly
/etc/cron.weekly
/etc/crontab
/etc/sysconfig/run-parts
/usr/bin/run-parts
/usr/share/man/man4/crontabs.4.gz
/usr/share/man/man4/run-parts.4.gz
Above, you're looking at the list of files came with the crontabs package.
How to Verify an RPM Package?
Sometimes you might want to check if your package's information is correct. rpm -V compares the installed files with the information on RPM database. Since we've already know which files came with crontabs, let's change one of them:
root@localhost ~]# rpm -V crontabs
root@localhost ~]# ls -l /etc/crontab
-rw-r--r--. 1 root root 451 Haz 10 2014 /etc/crontab
root@localhost ~]# chmod 600 /etc/crontab
root@localhost ~]# ls -l /etc/crontab
-rw-------. 1 root root 451 Haz 10 2014 /etc/crontab
root@localhost ~]# rpm -V crontabs
.M....... c /etc/crontab
What's going on here? First, we've verified the crontabs package. It returned nothing, thus we can say package is verified. And we've checked the permissions of /etc/crontab file which belongs to crontabs package and changed it's permissions. After that, package verification has failed. But what that output means?
See the last letter, "c". That means this file is a configuration file. Some other file types are:
- "d" for documentation file
- "l" for license file
- "r" for readme file
And look at the "M". That means mode has changed like permissions or file type. Some other attributes are:
- S for file size
- 5 for digest (came from MD5)
- U for user ownership
- G for group ownership
- T for modify time
Let's play along with this values and see if we can change anything:
root@localhost ~]# ls -l /etc/crontab
-rw-------. 1 root root 451 Haz 10 2014 /etc/crontab
root@localhost ~]# chown nobody:nobody /etc/crontab
root@localhost ~]# echo "append this" >> /etc/crontab
root@localhost ~]# rpm -V crontabs
SM5..UGT. c /etc/crontab
We've change the user ownership, group ownership, file contents itself (therefore file size, modification time and digest) and we've got verification errors with file size, ownerships, digest, mTime and mode (already changed at previous example).
How to Fix an Unverified RPM Package?
We can use a few things to fix out package. First, we can revert every change we made in that configuration file. This will change our digest and file size back. But not the modification time. To fix permissions and ownership, we can use --setperms and --setugids:
root@localhost ~]# rpm --setperms crontabs
root@localhost ~]# rpm --setugids crontabs
root@localhost ~]# rpm -V crontabs
S.5....T. c /etc/crontab
root@localhost ~]# vi /etc/crontab
root@localhost ~]# rpm -V crontabs
.......T. c /etc/crontab
If you're uncomfortable with this situation, you can always reinstall your package. How about not break it in the first place?