102.5 RPM and YUM Package Management
Candidates should be able to perform package management using RPM based tools.
Key Knowledge Areas
- Install, re-install, upgrade and remove packages using RPM and YUM.
- Obtain information on RPM packages such as version, status, dependencies, integrity and signatures.
- Determine what files a package provides, as well as find which package a specific file comes from.
Some Linux distribution uses rpm the “Red Hat Package Manager” for all its distribution software. RPM maintains a detailed database of all software installed in the system.
RPM Package Naming
There is no strict convention but most rpm package names are formed as follows:
The architecture name can either indicate which computer architecture the enclosed binaries are made for (e.g i386, ppc, ia64, noarch) or it can indicate that the package contains the source code (src).
Major and minor modes
Some short name options are similar but perform different actions depending on their position on the command line. A distinction is made between the first option and other options.
The first option given to rpm is in major mode. For example in rpm -iv A.rpm the option 'i' is a major option and will cause package A to be installed.
Similarly an option that is not in first position is in minor mode. For example in rpm -qpi A.rpm the option 'i' is a minor mode and will get information from the package A such as the author and the licence type.
These are the major mode options for rpm.
|-i||–install||Installs the package|
|-U||–update||Updates or installs a package|
|-F||--freshen||Updates only installed package|
|-V||--verify||file size, MD5, permissions, type ...|
|-q||--query||Queries installed/uninstalled packages, and files|
These are the minor mode options for rpm.
|applies to all installed packages|
|together with q lists configuration files|
|together with q lists documentation files|
|together with q queries which package installed a given file|
|adds hashes while processing|
|together with q lists information about a package|
|together with q lists all files and directories in a package|
|together with q specifies that the query is performed on the package file|
An extra option will allow you to get information on all installed files –l, documentation –d configuration files –c, etc ...
We consider for example the package routed-0.17.i386.rpm. We can query this package and list its contents before installation with the l option as follows:
# rpm –qpl routed-0.17.i386.rpm
Once this package is install we can query the installed package with:
# rpm –ql routed-0.17 or
# rpm –ql routed
Finally if we want to find out which package installed the file /usr/sbin/routed the rpm database can be queried with:
# rpm –qf /usr/sbin/routed
--nodepsInstall a package regardless of dependencies
--force force an upgrade
--testdoesn’t actually install or upgrade, just prints to stdout
--requires PACKAGEtogether with q lists capabilities required by a package
--whatrequires CAPABILITYtogether with q lists packages which require the capability
You can check the signature of each package that is distributed as part of a project. For example to load the keys of all the developers involved with the Fedora project do the following (just once):
# rpm –-import /usr/share/rhn/RPM-GPG-KEY-fedora
You can now download any package from an FTP site which mirrors the project's RPMs. For example we downloaded zlib-184.108.40.206-2.1.i386.rpm from ftp.mirror.ac.uk in the Fedora subdirectory. We next check the authenticity of the file:
# rpm --checksig /home/adrian/zlib-220.127.116.11-2.1.i386.rpm
# /home/adrian/zlib-18.104.22.168-2.1.i386.rpm: (sha1) dsa sha1 md5 gpg OK
The next command checks the integrity of the package bash:
# rpm –V bash
This returns nothing. We next do the following as user root:
# chown bin /bin/bash
# chmod 775 /bin/bash
If we check the integrity of bash again this time we get:
# rpm –V bash
The package manager has compared the current status of all files which are part of the bash package with the known original state of these files stored in a database. The changes made to /bin/bash have been identified.
It is possible to verify the integrity of all packages installed on the system by adding the 'a' (--all) option after 'V' (--verify)
The –verify option performs a number of tests on each file; when a test is positive a number of characters (listed below) are used to identify the errors:
|the test was successful|
|the test couldn't be performed|
|file size has changed|
|permission mode or file type has changed|
|the file's MD5 sum has changed|
|device major/minor number miss-match|
|broken symbolic link|
|the user owner of the file has changed|
|the group owner of the file has changed|
|the mtime (modified time) has changed|
Yum Package Manager
Yum is the default package manager for many rpm based distributions that allows for the installing, updating and removing of rpm packages without having to worry about resolving dependencies yourself. Yum uses external repositories to provide the meta-data, in the form of index files, about what packages are available and their dependencies as well as to store the rpm packages that will be automatically downloaded to fulfil an installation request. A repository may be an web site or directory that is formatted in the manner expected by yum.
The most common command for yum are:
install – install a package, automatically resolving and installing dependencies. The command below would install the tsclient package with its dependencies.
# yum install tsclient
This command will install all software packages in the “mysql database group”, which will include the mysql server as well as admin and management tools.
# yum groupinstall “mysql database”
update – update the list of available packages and will update all installed packages on your system to the latest available versions.
# yum update
search – search the list of available rpm packages. The command below will search for a package by name.
# yum list tsclient
If you do not know the name of the package, which is often the case, you can search for a package by keyword. The search command can also accepts wildcards in its search criteria.
# yum search PalmPilot
erase/remove – delete a package from your system. Erase is a safer option to use as remove may delete dependencies that are needed by other packages. Below we remove he tsclient package
# yum remove tsclient
We can also remove all packages in a group.
# yum groupremove “mysql database”
Yum is configured in the /etc/yum.conf file and repositories are managed via the /etc/yum.repos.d/ directory. To add an extra repository, place a definition file in the /etc/yum.repos.d/ directory on your system. Package providers make the definition files for their repositories available on their web sites. You may also create a repository file manually by following the correct file format. To disable a repository you can add the line enable=0 to the repository definition file. If you wish to permanently remove the repository delete the definition file and clear the yum cache directory /var/cache/yum/. The cache directory is updated each time you run “yum update”
The yumdownloader is a program for downloading RPMs from Yum repositories. It is used to download the rpm packages without installing them on the system. This can be useful for downloading packages from a faster connection and then copying then to a machine with a slower connection for installation. The parameters that are commonly used with the yum downloader are:
- destdir DIR - specify a destination directory for the download. Defaults to the current directory.
- resolve When downloading RPMs, resolve dependencies and also download the required packages.
Used files, terms and utilities:* rpm