5.1 The Red Hat Package Manager
The Red Hat Package Manager (RPM)
is a freely available packaging system for software distribution and
installation. In addition to Red Hat and Red Hat-based distributions,
both SuSE and Caldera
are among the Linux distributions that use RPM.
Using RPM is straightforward. A single command, rpm, has options to perform all package
management functions except building packages. For example,
to find out if the Emacs editor is installed on your system, you
could say:
% rpm -q emacs
emacs-21.2-18
The rpmbuild command is used to
build both binary and source packages.
5.1.1 The rpm Command
RPM packages are built, installed, and
queried with the rpm command. RPM
package names usually end with a .rpm extension.
rpm has a set of modes, each with
its own options. The format of the rpm command is:
rpm [options ] [packages ]
With a few exceptions, as noted in the lists of options that follow,
the first option specifies the rpm
mode (install, query, update, etc.), and any remaining options affect
that mode.
Options that refer to packages are sometimes specified as
package-name and sometimes as
package-file. The package name is the name of
the program or application, such as gif2png. The package file is the name of the
RPM file, such as gif2png-2.4.6-1.i386.rpm.
RPM provides a configuration file for
specifying frequently used options. The default global configuration
is usually /usr/lib/rpm/rpmrc,
the local system configuration file is
/etc/rpmrc, and users can set up their own
$HOME/.rpmrc files. You can use the --showrc option to show the values RPM
will use for all the options that may be set in an
rpmrc file:
rpm --showrc
The rpm command includes FTP and HTTP
clients, so you can specify an ftp:// or
http:// URL to install or query a package across
the Internet. You can use an FTP or HTTP URL wherever
package-file is specified in the commands
presented here.
Any user can query the RPM database. Most of the other functions
require superuser privileges.
5.1.1.1 General options
The following options can be used with all modes:
- --dbpath path
-
Use path as the path to the RPM database instead
of the default /var/lib/rpm.
- -?, --help
-
Print a long usage message (running rpm with no options gives a shorter usage
message).
- --pipe command
-
Pipe the rpm output to
command.
- --quiet
-
Display only error messages.
- --rcfile filelist
-
Get configuration from the files in the colon-separated
filelist. If --rcfile is specified, there must be at
least one file in the list and the file must exist.
filelist defaults to
/var/lib/rpm/rpmrc:/usr/lib/rpm/redhat/rpmrc:~/.rpmrc.
- --root dir
-
Perform all operations within the directory tree rooted at
dir.
- -v
-
Verbose. Print progress messages.
- --version
-
Print the version number of rpm.
- -vv
-
Print debugging information.
5.1.1.2 Install, upgrade, and freshen options
Use the install command to install or upgrade an RPM
package. The install syntax is:
rpm -i [install-options ] package_file ...
rpm --install [install-options ] package_file ...
To install a new version of a package and remove an existing version
at the same time, use the upgrade
command instead:
rpm -U [install-options ] package_file ...
rpm --upgrade [install-options ] package_file ...
If the package doesn't already exist on the system,
-U acts like -i and installs it. To prevent that behavior,
you can freshen a package instead;
in that case, rpm upgrades the
package only if an earlier version is already installed. The
freshen syntax is:
rpm -F [install-options ] package_file ...
rpm --freshen [install-options ] package_file ...
package-file can be specified as an FTP or HTTP
URL to download the file before installing it. See Section 5.1.1.11.
The installation and upgrade options are:
- --aid
-
If rpm suggests additional packages,
add them to the list of package files.
- --allfiles
-
Install or upgrade all files.
- --badreloc
-
Used with --relocate to force
relocation even if the package is not relocatable.
- --excludedocs
-
Don't install any documentation files.
- --excludepath path
-
Don't install any file whose filename begins with
path.
- --force
-
Force the installation. Equivalent to using all of --replacepkgs, --replacefiles, and --oldpackage.
- -h, --hash
-
Print 50 hash marks as the package archive is unpacked. Use with
-v or --verbose for a nicer display.
- --ignorearch
-
Install even if the binary package is intended for a different
architecture.
- --ignoreos
-
Install binary package even if the operating systems
don't match.
- --ignoresize
-
Don't check disk space availability before
installing.
- --includedocs
-
Install documentation files. This is needed only if excludedocs: 1 is specified in an
rpmrc file.
- --justdb
-
Update the database only; don't change any files.
- --nodeps
-
Don't check whether this package depends on the
presence of other packages.
- --nodigest
-
Don't verify package or header digests.
- --noorder
-
Don't reorder packages to satisfy dependencies
before installing.
- --nopost
-
Don't execute any post-install script.
- --nopostun
-
Don't execute any post-uninstall script.
- --nopre
-
Don't execute any pre-install script.
- --nopreun
-
Don't execute any pre-uninstall script.
- --noscripts
-
Don't execute any pre-install or post-install
scripts. Equivalent to specifying all of --nopre, --nopost, --nopreun, and --nopostun.
- --nosignature
-
Don't verify package or header signatures.
- --nosuggest
-
Don't suggest packages that provide a missing
dependency.
- --notriggerin
-
Don't execute any install trigger scriptlet.
- --notriggerun
-
Don't execute any uninstall trigger scriptlet.
- --notriggerpostun
-
Don't execute any post-uninstall trigger scriptlet.
- --notriggers
-
Don't execute any scripts triggered by package
installation.
- --oldpackage
-
Allow an upgrade to replace a newer package with an older one.
- --percent
-
Print percent-completion messages as files are unpacked. Useful for
running rpm from other tools.
- --prefix path
-
Set the installation prefix to path for
relocatable binary packages.
- --relocate oldpath=newpath
-
For relocatable binary files, change all file paths from
oldpath to newpath. Can be
specified more than once to relocate multiple paths.
- --repackage
-
Repackage the package files before erasing. Rename the package as
specified by the macro %_repackage_name_fmt and save it in the
directory specified by the macro %_repackage_dir (by default
/var/tmp).
- --replacefiles
-
Install the packages even if they replace files from other installed
packages.
- --replacepkgs
-
Install the packages even if some of them are already installed.
- --test
-
Go through the installation to see what it would do, but
don't actually install the package. This option lets
you test for problems before doing the installation.
5.1.1.3 Query options
The syntax for the query command is:
rpm -q [package-options ] [information-options ]
rpm --query [package-options ] [information-options ]
There are two subsets of query options. Package
selection options determine what packages to query, and
information selection options determine what
information to provide.
5.1.1.4 Package selection options
- package_name
-
Query the installed package
package_name.
- -a, --all
-
Query all installed packages.
- -f file, --file file
-
Find out what package owns file.
- --fileid md5
-
Query package with the specified MD5 digest.
- -g group, --group group
-
Find out what packages have group group.
- --hdrid sha1
-
Query package with the specified SHA1 digest in the package header.
- -p package_file, --package package_file
-
Query the uninstalled package package_file,
which can be a URL. If package_file is not a
binary package, it is treated as a text file containing a package
manifest, with each line of the manifest containing a path or one or
more whitespace-separated glob expressions to be expanded to paths.
These paths are then used instead of
package_file as the query arguments. The
manifest can contain comments that begin with a hash mark (#).
- --pkgid md5
-
Query the package with a package identifier that is the given MD5
digest of the combined header and contents.
- --querybynumber num
-
Query the numth database entry. Useful for
debugging.
- -qf, --queryformat num
-
Specify the format for displaying the query output, using tags to
represent different types of data (e.g., NAME, FILENAME,
DISTRIBUTION). The format specification is a variation of the
standard printf formatting, with the
type specifier omitted and replaced by the name of the header tag
inclosed in brackets ({ }). For
example:
%{NAME}
The tag names are case-insensitive. Use --querytags (see Section 5.1.1.10) to view a list of available
tags. The tag can be followed by :type to get a
different output format type. The possible types are:
- armor
-
Wrap a public key in ASCII armor.
- base64
-
Encode binary data as base64.
- date
-
Use strftime(3)
"%c" format.
- day
-
Use strftime(3) "%a
%b %d %Y" format.
- depflags
-
Format dependency flags.
- fflags
-
Format file flags.
- hex
-
Use hexadecimal format.
- octal
-
Use octal format.
- perms
-
Format file permissions.
- shescape
-
Escape single quotes for use in a script.
- triggertype
-
Display trigger suffix.
- --specfile specfile
-
Query specfile as if it were a package. Useful
for extracting information from a spec file.
- --tid tid
-
List packages with the specified transaction identifier
(tid). The tid is a Unix timestamp. All packages
installed or erased in a single transaction have the same tid.
- --triggeredby pkg
-
List packages that are triggered by the installation of package
pkg.
- --whatrequires capability
-
List packages that require the given capability to function.
- --whatprovides capability
-
List packages that provide the given capability.
5.1.1.5 Information selection options
- -c, --configfiles
-
List configuration files in
the package. Implies -l.
- --changelog
-
Display the log of change information for the package.
- -d, --docfiles
-
List documentation files in the package. Implies -l.
- --dump
-
Dump information for each file in the package. This option must be
used with at least one of -l,
-c, or -d. The output includes the following
information in this order:
path size mtime md5sum mode owner group isconfig isdoc rdev symlink
- --filesbypkg
-
List all files in each package.
- -i, --info
-
Display package information, including the name, version, and
description. Formats the results according to --queryformat if specified.
- -l, --list
-
List all files in the package.
- --last
-
List packages by install time, with the latest packages listed first.
- --provides
-
List the capabilities this package provides.
- -R, --requires
-
List any packages this package depends on.
- -s, --state
-
List each file in the package and its state. The possible states are
normal, not
installed, or replaced.
Implies -l.
- --scripts
-
List any package-specific shell scripts used during installation and
uninstallation of the package.
- --triggers, --triggerscript
-
Display any trigger scripts in the package.
5.1.1.6 Uninstall options
The syntax for erase, the uninstall command, is:
rpm -e package_name ...
rpm --erase package_name ...
The uninstall options are:
- --allmatches
-
Remove all versions of the package. Only one package should be
specified; otherwise, an error results.
- --nodeps
-
Don't check dependencies before uninstalling the
package.
- --nopostun
-
Don't run any post-uninstall scripts.
- --nopreun
-
Don't run any pre-uninstall scripts.
- --noscripts
-
Don't execute any pre-uninstall or post-uninstall
scripts. Equivalent to --nopreun
--nopostun.
- --notriggerpostun
-
Don't execute any post-uninstall scripts triggered
by the removal of this package.
- --notriggers
-
Don't execute any scripts triggered by the removal
of this package. Equivalent to --notriggerun --notriggerpostun.
- --notriggerun
-
Don't execute any uninstall scripts triggered by the
removal of this package.
- --repackage
-
Repackage the files before uninstalling them. Rename the package as
specified by the macro %_repackage_name_fmt and save it in the
directory specified by the macro %_repackage_dir (by default
/var/tmp).
- --test
-
Don't really uninstall anything; just go through the
motions. Use with -vv for debugging.
5.1.1.7 Verify options
The syntax for the verify command is:
rpm -V|-y|--verify [package-selection-options ] [verify-options ]
Verify mode compares information about the installed files in a
package with information about the files that came in the original
package, and displays any discrepancies. The information compared
includes the size, MD5 sum, permissions, type, owner, and group of
each file. Uninstalled files are ignored.
The package selection options include those available for query mode.
In addition, the following verify
options are available:
- --nodeps
-
Ignore package dependencies.
- --nodigest
-
Ignore package or header digests.
- --nofiles
-
Ignore attributes of package files.
- --nogroup
-
Ignore group ownership errors.
- --nolinkto
-
Ignore symbolic link errors.
- --nomd5
-
Ignore MD5 checksum errors.
- --nomode
-
Ignore file mode (permissions) errors.
- --nordev
-
Ignore major and minor device number errors.
- --nomtime
-
Ignore modification time errors.
- --noscripts
-
Ignore any verify script.
- --nosignature
-
Ignore package or header signatures.
- --nosize
-
Ignore file size errors.
- --nouser
-
Ignore user ownership errors.
The output is formatted as an eight-character string, possibly
followed by an attribute marker, and then the filename. The possible
attribute markers are:
c
|
Configuration file
|
d
|
Documentation file
|
g
|
Ghost file (contents not included in package)
|
l
|
License file
|
r
|
Readme file
|
Each of the eight characters in the string represents the result of
comparing one file attribute to the value of that attribute from the
RPM database. A period (.) indicates that the file passed that test.
The following characters indicate failure of the corresponding test:
5
|
MD5 sum
|
D
|
Device
|
G
|
Group
|
L
|
Symlink
|
M
|
Mode (includes permissions and file type)
|
S
|
File size
|
T
|
Mtime
|
U
|
User
|
5.1.1.8 Database rebuild options
The syntax of the command to rebuild
the RPM database is:
rpm --rebuilddb [options ]
You also can build a new database:
rpm --initdb [options ]
The options available with the database rebuild mode are the
--dbpath, --root, and -v options described earlier under Section 5.1.1.1.
5.1.1.9 Signature check options
RPM packages may have a PGP signature
built into them. PGP configuration information is read from the
rpmrc file. There are three types of digital
signature options: you can check signatures, add signatures to
packages, and import signatures.
The syntax of the signature check mode is:
rpm --checksig package_file ...
rpm -K package_file ...
The signature checking options -K
and --checksig check the
digests and signatures contained in the specified packages to insure
the integrity and origin of the packages. Note that RPM now
automatically checks the signature of any package when it is read;
this option is still useful, however, for checking all headers and
signatures associated with a package.
The following options are available for use with signature check mode:
- --nogpg
-
Don't check any GPG signatures.
- --nomd5
-
Don't check any MD5 signatures.
- --nopgp
-
Don't check any PGP signatures.
The syntax for adding signatures to binary packages is:
rpm --addsign binary-pkgfile ...
rpm --resign binary-pkgfile ...
Both --addsign and --resign generate and insert new
signatures, replacing any that already exist in the specified binary
packages.
The syntax for importing signatures is:
rpm --import public-key
The --import option is used to
import an ASCII public key to the RPM database so that digital
signatures for packages using that key can be verified. Imported
public keys are carried in headers, and keys are kept in a ring,
which can be queried and managed like any package file.
5.1.1.10 Miscellaneous options
Several additional rpm options are
available:
- --querytags
-
Print the tags available for use with the --queryformat option in query mode.
- --setperms packages
-
Set file permissions of the specified packages to those in the
database.
- --setugids packages
-
Set file owner and group of the specified packages to those in the
database.
- --showrc
-
Show the values rpm will use for all
options that can be set in an rpmrc file.
5.1.1.11 FTP/HTTP options
The following options are available
for use with FTP and HTTP URLs in install, update, and query modes.
- --ftpport port
-
Use port for making an FTP connection on the
proxy FTP server instead of the default port. Same as specifying the
macro %_ftpport.
- --ftpproxy host
-
Use host as the proxy server for FTP transfers
through a firewall that uses a proxy. Same as specifying the macro
%_ftpproxy.
- --httpport port
-
Use port for making an HTTP connection on the
proxy HTTP server instead of the default port. Same as specifying the
macro %_httpport.
- --httpproxy host
-
Use host as the proxy server for HTTP transfers.
Same as specifying the macro %_httpproxy.
5.1.2 The rpmbuild Command
The
rpmbuild command is used to build
RPM packages. The syntax for rpmbuild is:
rpmbuild - [b |t ]step [build-options ] spec-file ...
Specify -b to build a package
directly from a spec file, or -t to
open a tarred, gzipped file and use its spec file.
Both forms take the following single-character
step arguments, listed in the order they would
be performed:
- p
-
Perform the prep stage, unpacking source files and applying patches.
- l
-
Do a list check, expanding macros in the files section of the spec
file and verifying that each file exists.
- c
-
Perform the build stage. Done after the prep stage; generally
equivalent to doing a make.
- i
-
Perform the install stage. Done after the prep and build stages;
generally equivalent to doing a make
install.
- b
-
Build a binary package. Done after prep, build, and install.
- s
-
Build a source package. Done after prep, build, and install.
- a
-
Build both binary and source packages. Done after prep, build, and
install.
The general rpm options described
earlier in Section 5.1.1.1 can be used
with rpmbuild.
The following additional options can also be used when building an
rpm file with rpmbuild:
- --buildroot dir
-
Override the BuildRoot tag with
dir when building the package.
- --clean
-
Clean up (remove) the build files after the package has been made.
- --nobuild
-
Go through the motions, but don't execute any build
stages. Used for testing spec files.
- --rmsource
-
Remove the source files when the build is done. Can be used as a
standalone option with rpm to clean
up files separately from creating the packages.
- --rmspec
-
Remove the spec file when the build is done. Like --rmsource, --rmspec can be used as a standalone
option with rpmbuild.
- --short-circuit
-
Can be used with -bc and -bi to skip previous stages.
- --sign
-
Add a GPG signature to the package for verifying its identity and
origin.
- --target platform
-
When building the package, set the macros %_target, %_target_arch, and %_target_os to the value indicated by
platform.
Two other options can be used standalone with rpmbuild to recompile or rebuild a package:
- --rebuild source-pkgfile...
-
Like --recompile, but also
build a new binary package. Remove the build directory, the source
files, and the spec file once the build is complete.
- --recompile source-pkgfile...
-
Install the named source package, and prep, compile, and install the
package.
Finally, the --showrc option is
used to show the current rpmbuild
configuration:
rpmbuild --showrc
This option shows the values that will be used for all options that
can be set in an rpmrc file.
5.1.3 RPM Examples
Query the
RPM database to find Emacs-related packages:
% rpm -q -a | grep emacs
Query an uninstalled package, printing information about the package
and listing the files it contains:
% rpm -qpil ~/downloads/bash2-doc-2.03-8.i386.rpm
Install a package (assumes superuser privileges):
% rpm -i sudo-1.5.3-6.i386.rpm
|