Package Management using Red Hat Package Manager (RPM).

You are currently viewing Package Management using Red Hat Package Manager (RPM).

There are two different ways to manage packages on RHEL based Linux distributions (like Red Hat Enterprise Linux, Fedora, Alma Linux, Rocky Linux, CentOS etc.) and they are RPM & DNF (improved version of YUM). Here I’ll be discussing package management using RPM. For learning same via DNF, Go to Post:
Understanding Package Management using Dandified YUM (DNF).

  • RPM is:

    1. mainly a package manager using which the rpm package(s) or the files within the rpm package(s) are managed on a Linux distribution.
    2. also a packaging format i.e. a standard way of packaging software for RHEL based distributions.

  • RPM stands for Red Hat Package Manager, which was developed by Red Hat, for installing, removing, upgrading and managing software on their Linux distributions. It provided a simple way of software installation i.e. by copying the precompiled binaries (usually precompiled on a different machine with the same CPU architecture) and other relevant files of a specific software on a system rather than using the alternative i.e. compiling the whole software source from the scratch, a very tedious and time consuming process.

  • RPM package files have following naming convention: NAME-VERSION-RELEASE-ARCHITECTURE.rpm
    For Example: vsftpd-3.0.3-35.el8.x86_64.rpm, where
    NAME vsftpd
    VERSION 3.0.3
    RELEASE 35.el8
    ARCHITECTURE x86_64
    EXTENSION rpm

  • Each RPM Package is a special archive comprising of three components:

    1. The actual software or files installed by the package.
    2. Metadata (information about package) like name, version, release, arch, summary, description of the package, package dependency list, licensing, changelog etc.
    3. Pre and Post Installation Scripts, Removal and Updating Scripts or scripts which may be triggered when other packages are installed, removed, or updated.

  • Digitally Signed RPM Packages: RPM packages are usually digitally signed by the organization that packaged them. All packages from a particular source are normally signed using same GPG Private Key. Therefore packages usually comes with a GPG Public Key which when run against the package, verifies the integrity of the package.

  • Whenever a patch to the upstream source code for a software package is provided by a packaging entity, a complete new RPM package is generated with new and updated release number. Because the entity responsible for packaging software is not authorized to make changes in the version number of the upstream source code, therefore comes the significance of the release number.

  • In most cases, only one version or release of a package may be installed at a time because RPM installation process will never allow files to be overwritten.

  • If packages are built so that there are no conflicting filenames, then multiple versions may be installed. Like in the case of KERNEL packages. Since a new kernel can only be tested by booting to that kernel, the package is specially designed so that multiple versions may be installed at once. If the new kernel fails to boot, the old kernel is still available.

  • rpm command is used for installing, removing, updating and querying rpm packages.

  • rpm command though has one big limitation, that it cannot resolve dependencies automatically and all required packages must be installed manually one by one, which makes installation process tedious and painful.

  • Therefore an advanced package manager YUM (which now is replaced by an improved variant called DNF) was brought, mainly to solve above listed limitation apart from the other useful features.

  • Tools such as PackageKit and YUM (Now DNF) are front-end applications for rpm and can be used to install individual package or package groups.

  • rpm --version command is used for determining installed version of the package management software.

  • Utility/Command "rpm" is a low-level tool, which can be used to extract information about the contents of rpm package files and installed rpm packages. It retrieves information either from rpm database maintained on the system or the package files themselves. Following are some useful commands showing this information extracting property of rpm:

    # rpm -qa
    List all installed packages, which is equivalent to # dnf list installed
    Note: For comparing output of both commands, do following:
    Exit value 0 below implies output of both command is same.

    # [   $(rpm -qa | wc -l) -eq $(dnf list installed | wc -l)   ]
# echo $?

    # rpm -q PACKAGE
    Quering against an installed rpm package/software.

    # rpm -q -p PACKAGE.rpm
    Quering against an rpm package file with rpm extension.

  • RPM queries: Gathering information about package(s) and content of package(s).

    # rpm -q vsftpd (OR)
    # rpm -q -p /path/to/packages/vsftpd-3.0.3-35.el8.x86_64.rpm
    Both list the package name and version. Similar to dnf list vsftpd

    # rpm -qf /etc/hosts
    Similar to dnf provides /etc/hosts

    # rpm -qi vsftpd (OR)
    # rpm -qi -p /path/to/packages/gnuplot-5.2.4-1.el8.x86_64.rpm
    Displays detailed package information. Similar to dnf info gnuplot

    # rpm -ql createrepo_c (OR)
    # rpm -ql -p /path/to/packages/createrepo_c-0.17.7-5.el8.x86_64.rpm
    List all files installed by a specific package, or will be installed by a specific package.

    # rpm -qc setup (OR)
    # rpm -qc -p /path/to/packages/setup-2.12.2-6.el8.noarch.rpm
    List just configuration files installed by a specific package, or will be installed by a specific package.

    # rpm -qd NetworkManager (OR)
    # rpm -qd -p /path/to/packages/NetworkManager-1.36.0-4.el8.x86_64.rpm
    List just documetation files installed by a specific package, or will be installed by a specific package.

    # rpm -q --scripts vsftpd (OR)
    # rpm -q --scripts -p /path/to/packages/vsftpd-3.0.3-35.el8.x86_64.rpm
    List shell scripts thay may run before or after the package is installed or removed.

    # rpm -q --changelog filesystem
    # rpm -q --changelog -p /path/to/packages/filesystem-3.8-6.el8.x86_64.rpm
    List change information for the package.

    Note: repoquery command can also be used to get information about packages and their contents. It differs from rpm by looking up that information in dnf’s (or yum’s) repositories instead of the local database of installed packages.
    For more information search "Repoquery Command" in the output of # man 8 dnf
    For example:
    # repoquery -i vsftpd
    Similar to yum info vsftpd

  • rpm Commands for installation, updating and removal of packages.

    # rpm -ivh PACKAGEFILE.rpm
    For installing packages, however using dnf helps maintain a transaction history which can be retrieved using # dnf history. Therfore, it is best approach to always prefer DNF

    Note: Be careful installing packages from third parties, not just because of the software they may install, but because RPM package may run arbitrary scripts as root as part of the installtion process.

    # rpm --nosignature -ivh PACKAGEFILE.rpm
    Similar to using –nogpgcheck with dnf/yum, is used to avoid package integrity check, i.e. ignore gpg signature verification while installtion.

    # rpm -Uvh PACKAGEFILE.rpm
    For updating packages, however never use this to update kernel packages. (Always prefer DNF)

    # rpm -evh PACKAGENAME
    For erasing or removing installed packages. (Always prefer DNF)
    Packages installed via yum/dnf can be removed via this command, though is not recommended.

  • Extracting files from RPM Package(s)

    1. Files in the RPM package can be extracted without installing the package using cpio, an archiving tool like zip or tar.
    2. Pipe the output of rpm2cpio PACKAGEFILE.rpm into cpio -id as shown below and it will extract all the files stored in the RPM Package.
    3. Subdirectory trees will be created as needed, relative to the current working directory. Select file(s) can also be extracted by specifying the path of the file.

    # rpm2cpio PACKAGEFILE.rpm | cpio -t
    For listing the contents of file.
    For Example:
    # rpm2cpio vsftpd-3.0.3-35.el8.x86_64.rpm | cpio -t
    …truncated output image below:

    rpm2cpio

    # rpm2cpio vsftpd-3.0.3-35.el8.x86_64.rpm | cpio -id ./usr/share/doc/vsftpd/TODO
    For extracting a specific file within Present Working Directory (or PWD)

    # rpm2cpio vsftpd-3.0.3-35.el8.x86_64.rpm | cpio -id "*.txt"
    For extracting all files ending with ".txt" within PWD

    # rpm2cpio vsftpd-3.0.3-35.el8.x86_64.rpm | cpio -id "*.conf"
    For extracting all files ending with ".conf" within PWD

    # rpm2cpio vsftpd-3.0.3-35.el8.x86_64.rpm | cpio -id
    For extracting all files within PWD

    # rpm2cpio vsftpd-3.0.3-35.el8.x86_64.rpm | cpio -idD /tmp
    For extracting all files within /tmp/vsftpd directory
    Note: Output directory will be created if absent.

Tags: , ,

Leave a Reply