The rpm command is used to manage software applications and system modules.
Step One: Import Red Hat and Fedora GPG signature keys:
[root@yoserver2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY
[root@yoserver2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora
Do this once to configure RPM so that you won't constantly get the warning message that the signature is "NOKEY".
The purpose is to protect you from using a corrupt or hacked RPM.
Once these command are performed, you are ready to use the RPM command. (This is also required for the YUM commands below.)
Note: Many GPG public keys for other RPM packages (i.e. MySQL: 0x5072E1F5), can be obtained from
(The following RPM installation warning will inform you of the key to obtain: warning: MySQL-XXXX.rpm: V3 DSA signature: NOKEY, key ID 5072e1f5)
Importing a new key from key server:
- gpg --keyserver keyserver.veridis.com --recv-key 5072e1f5
- gpg --export -a 5072e1f5 > pubkey_mysql.asc
- rpm --import pubkey_mysql.asc
Step Two: RPM commands and their use
RPM Command / Descriptionrpm -qilp program_package-ver.rpm / Query for information on package and list destination of files to be installed by the package.
You can also use the Gnome GUI program file-roller to view and read the contents of an RPM. Great tool for inspecting an RPM package and reading the package documentation before you decide to install the package.
rpm2cpio - < program_package-ver.rpm | cpio -id ./path/and/file-name / Extract a single file (with path) from the RPM package to the local directory.
rpm -Uvh program_package-ver.rpm / Upgrade the system with the RPM package
rpm -ivh program_package-ver.rpm / New Install
rpm -Fvh program_package-ver.rpm / Freshen install. Removes all files (including config files) of older version during upgrade.
rpm -q program_package / Query system RPM database (/var/lib/rpm), to see if package is installed.
rpm -qi program_package / Query system RPM database for info/description on package (if installed)
rpm -ql program_package / List all files on the system associated with the package.
rpm -qf file / Identify the package to which this file belongs.
rpm -e program_package / Uninstall package from your system
rpm -qa / List ALL packages on your system. Use this with grep to find families of packages.
rpm -qp --requires program_package-ver.rpm / List dependancies (files and packages) of RPM. List prerequisites.
rpm -q --whatrequires program_package / List dependant packages of RPM. What packages will break if this RPM is removed.
rpm -K --nogpg *.rpm / Non sure if RPM downloaded ok? Verify md5 sum.
RPM Flag / Description
--nodeps / RPM flag to force install even if dependency requirements are not met.
--force / Overwrite of other packages allowed.
--notriggers / Don't execute scripts which are triggered by the installation of this package.
--root /directory-name / Use the system chrooted at /directory-name. This means the database will be read or modified under /directory-name. (Used by developers to maintain multiple environments)
--ignorearch / Allow installation even if the architectures of the binary RPM and host don't match. This is often required for RPM's which were assembled incorrectly
Notes:
- Fedora Core RPM downloads:
Use your browser, wget, curl (downloads using http, https, ftp, ...) or ftp the site download.fedora.redhat.com (login: anonymous, password: your-email-address). - Many times, (like with glibc library or Netscape RPMs etc) it is necessary to mention two or more packages on the command line. The rpm command will account for the co-dependency of the packages. i.e.:
rpm -ivh abc-package1-i386.rpm abc-package2-i386.rpm abc-package3-i386.rpm
- Configuration information is stored in /var/lib/rpm
- Database of descriptive package info. RPM package rpmdb-redhat. Installs database of all packages in distributions to make RPM more informative.
- When installing additional RPM's from the Red Hat CD, cd to the RPMS directory on the CD which contains the packages to be installed.
- Building from a "src" (source) RPM: rpmbuild --rebuild package-name.src.rpm
The source will be placed in /usr/src/redhat/RPMS/....
The command then performs a prep, compile, install and finally creates a new binary RPM package. Use option --clean for cleanup.
The command rpmbuild --showrc package-name.src.rpm shows options to be used as specified in rpmrc and macros configuration file(s).
The source RPMs are not in the RPM database and will not be seen with "rpm -qa
- [Potential Pitfall]: If you get the errors:
- error: cannot get exclusive lock on /var/lib/rpm/Packages
- error: cannot open Packages index using db3 - Operation not permitted (1)
- error: cannot open Packages database in /var/lib/rpm
then you must check:
- Who are you logged in as?: whoami
You must be root. - File permissions: ls -l /var/lib/rpm/Packages
File must be owned by root. - Command to kill processes locking file: fuser -k /var/lib/rpm/Packages
It is best to terminate processes by exiting program (like glint) normally if possible.
- [Potential Pitfall]: If you get the errors:
- [root]# rpm -e package-name
- error: "package-name-X.X.X-X" specifies multiple packages
This is because a package is doubly listed: (Often due to dual 32/64 bit architectures such as the AMD Athelon/Opteron and Intel EM64T - Extended Memory 64 Technology)
[root]# rpm -q package-name
package-name-X.X.X-X
package-name-X.X.X-X
Fix: rpm -e --allmatches package-name
- [Potential Pitfall]: You try and install an RPM but you can not get the appropriate version of the run time libraries because they are too old and not present on your system or you get a runtime error:
/usr/bin/ld: cannot find /lib/libxx.so.1.0.4
Here is how to install some old libraries on your newer system without corrupting your current installation.
- First force the installation of the RPM without the dependency requirement: rpm --nodeps -ivh xxxx-...rmp.
- Next download an old RPM of the appropriate library, i.e. glibc-x.x.x.rpm
- Extract the libraries from the RPM: rpm2cpio glibc-x.x.x.rpm | cpio -idv
This will install to your current directory: ./usr/lib/.. and ./lib/... - Manually copy the library file to the library directory or path accessible by LD_LIBRARY_PATH or ldconfig: i.e.
cp ./lib/libxx.so.1.0.4 /lib/libxx.so.1.0.4
Useful man pages:
- rpm - Red Hat Package Manager
- rpmbuild - Build/create an RPM package.
- redhat-config-packages - RH 8.0 GUI
- gnorpm - RH 6.0+ GUI
- glint - RH 5.2 GUI
Also see:
- RPM HowTo.
- RPM.org Home Page
- RpmLevel - Utility to manage RPM levels on your system.
- AutoRPM - Mirror RPMs from an FTP site, keep installed RPMs consistent with an FTP site or local directory
- Alien - package converter between rpm, dpkg, stampede slp, and slackware tgz file formats.
- CheckInstall - Create packages for RPM (Red Hat, Fedora, Suse), Debian or Slackware for install and uninstall.
Automated System Updates: up2date (Red Hat 7.1 and later)
Select the red dot and exclamation mark icon on the toolbar to launch up2date and follow the GUI. One may also use the command line if managing a remote server. /
Execute the following commands (in order given) to perform an automatic system update:
- /usr/bin/rhn_register :You must first register your system with the Red Hat database. This command will perform a hardware inventory and reporting of your system so that Red Hat knows which software to load to match your needs.
- /usr/bin/up2date-config :This allows you to configure the "up2date" process. It allows you to define directories to use, actions to take (i.e. download updates, install or not install, keep RPM's after install or not), network access (i.e. proxy configuration), use of GPG for package verification, packages or files to skip, etc. Use of GPG requires the Red Hat public key: rpm -import /usr/share/rhn/RPM-GPG-KEY
- /usr/sbin/up2date :This command will perform an audit of RPM's on your system and discover what needs to be updated. It gives you a chance to unselect packages targeted for upgrade. It will download RPM packages needed, resolve dependencies and perform a system update if requested.
[Potential Pitfall]: This works quite well but it is not perfect. Red Hat 7.1 Apache upgrade to 1.3.22 changed the configuration completely. (Beware. manual clean-up and re-configuration is required). When up2date finds the first messed up dependency it stops to tells you. You then have to unselect the package. It then starts again from the beginning.
Installing a new package with up2date:up2date package-name
The package name is given without the version number. If the package is not currently installed, it will be downloaded and installed, along with any dependencies that package requires.
Command line options (partial list) for up2date:
Option / Description--nox / Do not display the GUI interface.
-u
--update / Completely update the system</TD< tr>
-h
--help / Display command line arguments</TD< tr>
-v
--verbose / Print more info about what up2date is doing
--showall / Show a list of all packages available for your release of Red Hat Linux, including those not currently installed.
Also see man pages for:
- up2date-gnome
- rhn_register-gnome
Notes:
- Update in console mode (no GUI): up2date --nox --update
- Configuration file for up2date: /etc/sysconfig/rhn/up2date
- System id and configuration info held in XML format for up2date: /etc/sysconfig/rhn/systemid
- The default download directory for up2date is /var/spool/up2date/. RPM packages and support files are downloaded to this directory.
- An automated alert to the need to update utilizes the rhnsd which can be started by issuing the command: /etc/rc.d/init.d/rhnsd start
YUM/YUMEX: RPM Updates
YUM (Yellowdog Updater, Modified) is a client command line application for updating an RPM based system from an internet repository (YUM "yum-arch" server) accessible by URL (xxx, ftp://yyy or even file://zzz local or NFS). The YUM repository has a directory of the headers with RPM info and directory path information. YUM will resolve RPM package dependencies and manage the importation and installation of dependencies.
YUM is also capable of upgrading across releases. One can upgrade Red Hat Linux 7 and 8 to 9. Red Hat 8 and 9 can be upgraded to Fedora Core. See Red Hat YUM upgrades.
YUM config file: /etc/yum.conf (Fedora Core 3)
[main]cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
retries=20
obsoletes=1
gpgcheck=1
exclude=firefox mozplugger gftp
# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d
You may list packages you wish NOT to update (Space delimited list. '*' wildcards allowed.): exclude=package-name
(i.e. On x86_64 I do not update firefox or mozplugger with the 64 bit version, I use the 32 bit version so that 32 bit plugins will work.)
Set "gpgcheck=0" to avoid the signature check.
For the option "gpgcheck=1" to work, use the "rpm --import GPG-KEY commands as detailed above in section one of the RPM tutorial.
[root@server2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY
[root@server2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora
File: /etc/yum.repos.d/fedora.repo (Fedora Core 3)
[base]name=Fedora Core $releasever - $basearch - Base
#baseurl=
mirrorlist=
enabled=1
gpgcheck=1
Mirror site/sites which contain Fedora base configuration RPM's.
Other protocols such as ftp can be used as well as http.
File: /etc/yum.repos.d/fedora-updates.repo (Fedora Core 3)
[updates-released]name=Fedora Core $releasever - $basearch - Released Updates
#baseurl=
mirrorlist=
enabled=1
gpgcheck=1
Mirror site which contain Fedora updated RPM's.
List of mirrors:
Terms:
- releasever: Release Version - current version of Fedora.
- basearch: Base Architecture - system hardware architecture i.e. i386
Add other repositories: (not included in default install)
- Fedora Extras:
Create file: /etc/yum.repos.d/extras.repo
[extras]
name=Fedora Extras $releasever - $basearch
baseurl=
gpgcheck=1
Adding FreshRPM GPG signature key:
[root@server2 ~]# rpm --import
- Add FreshRPM repository site to your list for downloads of non-standard Fedora software.
(Software not released by Red Hat like DVD players, audio encoders/rippers, etc)
Create file: /etc/yum.repos.d/freshrpms.repo
[freshrpms]
name=Fedora Linux $releasever - $basearch - freshrpms
baseurl=
enabled=0
gpgcheck=1
To directly enable a particular repository which is currently disabled (enabled=0): yum -y --enablerepo=freshrpms install kino
Adding FreshRPM GPG signature key:
[root@server2 ~]# rpm --import
More examples of FreshRPMs yum.conf
- Add: dag.wieers.com
Create file: /etc/yum.repos.d/dag.repo
[dag]
name=Dag APT Repository
baseurl=
enabled=0
gpgcheck=1
Directly enable repository: yum -y --enablerepo=dag install fortune-oneliners Adding dag GPG signature key:
[root@server2 ~]# rpm --import
- Add: Macromedia.mplug.org
Create file: /etc/yum.repos.d/flash.repo
[flash]
name=Macromedia Flash plugin
baseurl=
enabled=0
#gpgcheck=1
To directly enable a particular repository which is currently disabled (enabled=0): yum -y --enablerepo=flash install flash-plugin
- Fedora examples (more repositories: livna, Jpackage, ...)
Using YUM and YUM examples:
- Update:
- Update all packages on your system: yum update
- Update a package: yum update package-name
- Update all with same prefix: yum update package-name-prefix\*
This command will update your system. It will interactively ask permission. i.e. "Is this ok [y/N]:" - To avoid the prompt/questions use the command: yum -y update Sample session:
# yum -y update
Setting up Update Process
Setting up Repos
base 100% |======| 1.1 kB 00:00
updates-released 100% |======| 951 B 00:00
Reading repository metadata in from local files
base : ################################################## 2852/2852
primary.xml.gz 100% |======| 367 kB 00:02
MD Read : ################################################## 927/927
updates-re: ################################################## 927/927
Excluding Packages in global exclude list
Finished
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for mod_dav_svn to pack into transaction set.
mod_dav_svn-1.1.4-1.1.x86 100% |======| 8.9 kB 00:00
---> Package mod_dav_svn.x86_64 0:1.1.4-1.1 set to be updated
---> Downloading header for initscripts to pack into transaction set.
initscripts-7.93.7-1.x86_ 100% |======| 87 kB 00:00
---> Package initscripts.x86_64 0:7.93.7-1 set to be updated
---> Downloading header for gtk2 to pack into transaction set.
...
...
--> Running transaction check
Dependencies Resolved
Transaction Listing:
Install: aqhbci.x86_64 0:1.0.2beta-0.fc3 - updates-released
Install: aqhbci-devel.x86_64 0:1.0.2beta-0.fc3 - updates-released
Install: kernel.x86_64 0:2.6.11-1.14_FC3 - updates-released
...
...
Performing the following to resolve dependencies:
Install: aqbanking-devel.x86_64 0:1.0.4beta-0.fc3 - updates-released
Install: gwenhywfar-devel.x86_64 0:1.7.2-0.fc3 - updates-released
Total download size: 431 M
Downloading Packages:
(1/168): mod_dav_svn-1.1. 100% |======| 54 kB 00:00
(2/168): initscripts-7.93 100% |======| 1.1 MB 00:03
...
...
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating: libgcc 100 % done 1/333
Updating: libgcc 100 % done 2/333
...
...
Completing update for mod_dav_svn - 169/333
Completing update for initscripts - 170/333
Completing update for gtk2 - 171/333
...
...
Installed: aqhbci.x86_64 0:1.0.2beta-0.fc3 aqhbci-devel.x86_64 0:1.0.2beta-0.fc3 kernel.x86_64 0:2.6.11-1.14_FC3
Dependency Installed: aqbanking-devel.x86_64 0:1.0.4beta-0.fc3 gwenhywfar-devel.x86_64 0:1.7.2-0.fc3
Updated: ImageMagick.i386 0:6.2.0.7-2.fc3 ImageMagick.x86_64 0:6.2.0.7-2.fc3 ImageMagick-c++.i386 ...
...
...
Obsoleted: openhbci.x86_64 0:0.9.17-1 openhbci.i386 0:0.9.17-1 openhbci-devel.x86_64 0:0.9.17-1
Complete!
#
- To install a single package: yum -y install package-name
This will also resolve package dependencies. - Remove a package: yum remove package-name
- Info:
- List available packages, version and state (base, installed, updates-released): yum list
- List the packages installed which are not available in repository listed in config file: yum list extras
- List packages which are obsoleted by packages in yum repository: yum list obsoletes
- Clean local cache of headers and RPM's: yum clean all
(See: /var/cache/yum/)
Notes:
- yum man page
- yum.conf man page
- You can set up your own YUM server for your own cluster or intranet. Set up a web server with the same paths as used in the configuration files and point your configuration files to your server.
- Fedora configures YUM as a daily cron job: /etc/cron.daily/yum.cron
#!/bin/sh
if [ -f /var/lock/subsys/yum ]; then
/usr/bin/yum -R 10 -e 0 -d 0 -y update yum
/usr/bin/yum -R 120 -e 0 -d 0 -y update
fi