This section describes the RPM package management system. You’ll use a package whenever you install an application on JDS. We introduced packages in Chapter 5, along with basic information on how to install them. This appendix, based on material from Linux in a Nutshell (O’Reilly), tells you in detail how to install, upgrade, delete, and check for packages on your JDS system. JDS has some significant differences from other versions of Linux. A package is a compressed file containing the files necessary to install an application or another piece of software, such as a library. Many applications require the presence of other files or packages, such as particular libraries (and even specific versions of the libraries). Such requirements are known as dependencies. No package can be installed until all the packages it depends on are installed. When you attempt to install a package, error messages tell you whether other packages are needed.
Package management systems offer many benefits. As a user, you may want to query the package database to find out what packages are installed on the system and what their versions are. If you are a developer, you need to know how to build a package for distribution.
Among other things, package managers do the following:
Provide tools for installing, updating, removing, and managing the software on your system
Allow you to install new or upgraded software directly across a network
Tell you what software package a particular file belongs to or what files a package contains
Maintain a database of packages on the system and their state, so you can find out which packages or versions are installed on your system
Provide dependency checking, so you don’t mess up your system with incompatible software
Provide PGP, MD5, or other signature-verification tools
Provide tools for building packages
Any user can list or query packages, however, installing, upgrading, or removing packages generally requires superuser privileges. This is because the packages are normally installed in systemwide directories that are writable only by root. Sometimes you can specify an alternate directory to install a package into your home directory or into a project directory where you have write permission.
RPM Package Manager backs up old files before installing an updated package. Not only does this let you go back if there is a problem, but it also ensures that you don’t lose your changes (to configuration files, for example).
Using RPM is straightforward. A single command,
rpm
, has options to perform all package
management functions except building packages.[2] For example, to
find out if the Emacs editor is installed on your system, you could
say:
% rpm -q emacs
emacs-21.2-18
The rpmbuild
command is used to build both binary
and source packages.
RPM packages are built, installed, and
queried with the rpm
command. RPM package
names usually end with an .rpm extension.
rpm
has a set of modes, each with its own options.
The format of the rpm
command is:
rpm
[options
] [packages
]
With a few exceptions, as noted in the lists of options that follow,
the first option specifies the rpm
mode (install,
query, update, etc.), and any remaining options affect that mode.
Options that refer to packages are sometimes specified as
package-name
and sometimes as
package-file
. The package name is the name
of the program or application, such as gif2png
.
The package file is the name of the RPM file, such as
gif2png-2.4.6-1.i386.rpm
.
RPM provides a configuration file for specifying frequently used
options. The default global configuration is usually
/usr/lib/rpm/rpmrc, the local system
configuration file is /etc/rpmrc, and users can
set up their own $HOME/.rpmrc files. You can use
the --showrc
option to show the values RPM will
use for all the options that may be set in an
rpmrc file:
rpm --showrc
The rpm
command includes FTP and HTTP
clients, so you can specify an ftp:// or
http:// URL to install or query a package across
the Internet. You can use an FTP or HTTP URL wherever
package-file
is specified in the commands
presented here.
Any user can query the RPM database. Most of the other functions require superuser privileges.
The following options can be used with all modes:
--dbpath
path
Use path
as the path to the RPM database
instead of the default /var/lib/rpm.
-?
,
--help
Print a long usage message (running rpm
with no
options gives a shorter usage message).
--pipe
command
Pipe the rpm
output to
command
.
--quiet
Display only error messages.
--rcfile
filelist
Get configuration from the files in the colon-separated
filelist
. If --rcfile
is specified, there must be at least one file in the list and the
file must exist.
--root
dir
Perform all operations within the directory tree rooted at
dir
.
-v
Verbose. Print progress messages.
--version
Print the version number of rpm
.
-vv
Print debugging information.
Use the install
command to install or upgrade an RPM package. The
install
syntax is:
rpm -i
[install-options
]package_file
. . .rpm --install
[install-options
]package_file
. . .
To install a new version of a package and remove an existing version
at the same time, use the upgrade
command instead:
rpm -U
[install-options
]package_file
. . .rpm --upgrade
[install-options
]package_file
. . .
If the package doesn’t already exist on the system,
-U
acts like -i
and installs
it. To prevent that behavior, you can freshen
a
package instead; in that case, rpm
upgrades the
package only if an earlier version is already installed. The
freshen
syntax is:
rpm -F
[install-options
]package_file
. . .rpm --freshen
[install-options
]package_file
. . .
package-file
can be specified as an FTP or
HTTP URL to download the file before installing it.
The installation and upgrade options are:
--aid
If rpm
suggests additional packages, add them to
the list of package files.
--allfiles
Install or upgrade all files.
--badreloc
Used with --relocate
to force relocation even if
the package is not relocatable.
--excludedocs
Don’t install any documentation files.
--excludepath
path
Don’t install any file whose filename begins with
path
.
--force
Force the installation. Equivalent to using all of
--replacepkgs
, --replacefiles
,
and --oldpackage
.
-h
, --hash
Print fifty hash marks as the package archive is unpacked. Use with
-v
or --verbose
for a nicer
display.
--ignorearch
Install even if the binary package is intended for a different architecture.
--ignoreos
Install binary package even if the operating systems don’t match.
--ignoresize
Don’t check disk space availability before installing.
--includedocs
Install documentation files. This is needed only if
excludedocs: 1
is specified in an
rpmrc file.
--justdb
Update the database only; don’t change any files.
--nodeps
Don’t check whether this package depends on the presence of other packages.
--nodigest
Don’t verify package or header digests.
--noorder
Don’t reorder packages to satisfy dependencies before installing.
--nopost
Don’t execute any post-install script.
--nopostun
Don’t execute any post-uninstall script.
--nopre
Don’t execute any pre-install script.
--nopreun
Don’t execute any pre-uninstall script.
--noscripts
Don’t execute any pre-install or post-install
scripts. Equivalent to specifying all of --nopre
,
--nopost
, --nopreun
, and
--nopostun
.
--nosignature
Don’t verify package or header signatures.
--nosuggest
Don’t suggest packages that provide a missing dependency.
--notriggerin
Don’t execute any install trigger scriptlet.
--notriggerun
Don’t execute any uninstall trigger scriptlet.
--notriggerpostun
Don’t execute any post-uninstall trigger scriptlet.
--notriggers
Don’t execute any scripts triggered by package installation.
--oldpackage
Allow an upgrade to replace a newer package with an older one.
--percent
Print percent-completion messages as files are unpacked. Useful for
running rpm
from other tools.
--prefix
path
Set the installation prefix to path
for
relocatable binary packages.
--relocate
oldpath
=
newpath
For relocatable binary files, change all file paths from
oldpath
to
newpath
. Can be specified more than once
to relocate multiple paths.
--repackage
Repackage the package files before erasing. Rename the package as
specified by the macro %_repackage_name_fmt
, and
save it in the directory specified by the macro
%_repackage_dir
(by default,
/var/tmp).
--replacefiles
Install the packages even if they replace files from other installed packages.
--replacepkgs
Install the packages even if some of them are already installed.
--test
Go through the installation to see what it would do, but don’t actually install the package. This option lets you test for problems before doing the installation.
The
syntax for the query
command is:
rpm -q
[package-options
] [information-options
]rpm --query
[package-options
] [information-options
]
There are two subsets of query options. Package selection options determine what packages to query, and information selection options determine what information to provide.
package_name
-a
, --all
Query all installed packages.
-f
file
, --file
file
Find out which package owns file
.
--fileid
md5
Query package with the specified MD5 digest.
-g
group
, --group
group
Find out which packages have group group
.
--hdrid
sha1
Query package with the specified SHA1 digest in the package header.
-p
package_file
, --package
package_file
Query the uninstalled package
package_file
, which can be a URL. If
package_file
is not a binary package, it
is treated as a text file containing a package manifest. Each line of
the manifest contain a path or one or more whitespace-separated glob
expressions to be expanded to paths. These paths are then used
instead of package_file
as the query
arguments. The manifest can contain comments that begin with a hash
mark (#).
--pkgid
md5
Query the package with a package identifier that is the given MD5 digest of the combined header and contents.
--querybynumber
num
Query the num
th database entry. Useful for
debugging.
-qf
, --queryformat
num
Specify the format for displaying the query output, using tags to
represent different types of data (e.g., NAME, FILENAME,
DISTRIBUTION). The format specification is a variation of the
standard printf
formatting, with the type
specifier omitted and replaced by the name of the header tag inclosed
in braces ({ }). For example:
%{NAME}
The tag names are case-insensitive. Use
--querytags
to view a list of available tags. The
tag can be followed by
:type
to get a
different output format type. The possible types are:
armor
Wrap a public key in ASCII armor.
base64
Encode binary data as base64.
date
Use strftime(3) "%c
" format.
day
Use strftime(3) "%a %b %d %Y
" format.
depflags
Format dependency flags.
fflags
Format file flags.
hex
Use hexadecimal format.
octal
Use octal format.
perms
Format file permissions.
shescape
Escape single quotes for use in a script.
triggertype
Display trigger suffix.
--specfile
specfile
Query specfile
as if it were a package.
Useful for extracting information from a spec file.
--tid
tid
List packages with the specified transaction identifier
(tid
). The tid is a Unix timestamp. All
packages installed or erased in a single transaction have the same
tid.
--triggeredby
pkg
List packages that are triggered by the installation of package
pkg
.
--whatrequires
capability
List packages that require the given capability to function.
--whatprovides
capability
-c
, --configfiles
--changelog
Display the log of change information for the package.
-d
, --docfiles
List documentation files in the package. Implies
-l
.
--dump
Dump information for each file in the package. This option must be
used with at least one of the following: -l
,
-c
, or -d
. The output includes
the following information in this order:
path size mtime md5sum mode owner group isconfig isdoc rdev symlink
--filesbypkg
List all files in each package.
-i
, --info
Display package information, including the name, version, and
description. Formats the results according to
--queryformat
if specified.
-l
, --list
List all files in the package.
--last
List packages by install time, with the latest packages listed first.
--provides
List the capabilities this package provides.
-R
, --requires
List any packages this package depends on.
-s
, --state
List each file in the package and its state. The possible states are
normal
, not
installed
, or replaced
. Implies
-l
.
--scripts
List any package-specific shell scripts used during installation and uninstallation of the package.
--triggers
, --triggerscript
The
syntax for erase
, the uninstall command, is:
rpm -e
package_name
. . .rpm --erase
package_name
. . .
The uninstall options are:
--allmatches
Remove all versions of the package. Only one package should be specified; otherwise, an error results.
--nodeps
Don’t check dependencies before uninstalling the package.
--nopostun
Don’t run any post-uninstall scripts.
--nopreun
Don’t run any pre-uninstall scripts.
--noscripts
Don’t execute any pre-uninstall or post-uninstall
scripts. Equivalent to --nopreun --nopostun
.
--notriggerpostun
Don’t execute any post-uninstall scripts triggered by the removal of this package.
--notriggers
Don’t execute any scripts triggered by the removal
of this package. Equivalent to --notriggerun--notriggerpostun
.
--notriggerun
Don’t execute any uninstall scripts triggered by the removal of this package.
--repackage
Repackage the files before uninstalling them. Rename the package as
specified by the macro %_repackage_name_fmt
and
save it in the directory specified by the macro
%_repackage_dir
(by default,
/var/tmp).
--test
Don’t really uninstall anything; just go through the
motions. Use with -vv
for debugging.
The
syntax for the verify
command is:
rpm -V|-y|--verify
[package-selection-options
] [verify-options
]
Verify mode compares information about the installed files in a package with information about the files that came in the original package, and displays any discrepancies. The information compared includes the size, MD5 sum, permissions, type, owner, and group of each file. Uninstalled files are ignored.
The package selection options include those available for query mode.
In addition, the following verify
options are
available:
--nodeps
Ignore package dependencies.
--nodigest
Ignore package or header digests.
--nofiles
Ignore attributes of package files.
--nogroup
Ignore group ownership errors.
--nolinkto
Ignore symbolic link errors.
--nomd5
Ignore MD5 checksum errors.
--nomode
Ignore file mode (permissions) errors.
--nordev
Ignore major and minor device number errors.
--nomtime
Ignore modification time errors.
--noscripts
Ignore any verify script.
--nosignature
Ignore package or header signatures.
--nosize
Ignore file size errors.
--nouser
Ignore user ownership errors.
The output is formatted as an eight-character string, possibly followed by an attribute marker, and then the filename. The possible attribute markers are:
c
Configuration file
d
Documentation file
g
Ghost file (contents not included in package)
l
License file
r
Readme file
Each of the eight characters in the string represents the result of comparing one file attribute to the value of that attribute from the RPM database. A period (.) indicates that the file passed that test. The following characters indicate failure of the corresponding test:
The syntax of the command to rebuild the RPM database is:
rpm --rebuilddb
[options
]
You also can build a new database:
rpm --initdb
[options
]
The options available with the database rebuild mode are the
--dbpath
, --root
, and
-v
options described earlier.
RPM packages may have a PGP signature built into them. PGP configuration information is read from the rpmrc file. There are three types of digital signature options: you can check signatures, add signatures to packages, and import signatures.
The syntax of the signature check mode is:
rpm --checksig
package_file
. . .rpm -K
package_file
. . .
The signature checking options -K
and
--checksig
check the digests and signatures
contained in the specified packages to insure the integrity and
origin of the packages. Note that RPM now automatically checks the
signature of any package when it is read; this option is still
useful, however, for checking all headers and signatures associated
with a package.
The following options are available for use with signature check mode:
--nogpg
Don’t check any GPG signatures.
--nomd5
Don’t check any MD5 signatures.
--nopgp
Don’t check any PGP signatures.
The syntax for adding signatures to binary packages is:
rpm --addsign
binary-pkgfile
. . .rpm --resign
binary-pkgfile
. . .
Both --addsign
and --resign
generate and insert new signatures, replacing any that already exist
in the specified binary packages.[3]
The syntax for importing signatures is:
rpm --import
public-key
The --import
option is used to import an ASCII
public key to the RPM database so that digital signatures for
packages using that key can be verified. Imported public keys are
carried in headers, and keys are kept in a ring, which can be queried
and managed like any package file.
Several additional rpm
options are available:
--querytags
Print the tags available for use with the
--queryformat
option in query mode.
--setperms
packages
Set file permissions of the specified packages to those in the database.
--setugids
packages
Set file owner and group of the specified packages to those in the database.
--showrc
Show the values rpm
will use for all
options that can be set in an rpmrc file.
The following options are available for use with FTP and HTTP URLs in install, update, and query modes:
--ftpport
port
Use port
for making an FTP connection on
the proxy FTP server instead of the default port. Same as specifying
the macro %_ftpport
.
--ftpproxy
host
Use host
as the proxy server for FTP
transfers through a firewall that uses a proxy. Same as specifying
the macro %_ftpproxy
.
--httpport
port
Use port
for making an HTTP connection on
the proxy HTTP server instead of the default port. Same as specifying
the macro %_httpport
.
--httpproxy
host
Use host
as the proxy server for HTTP
transfers. Same as specifying the macro
%_httpproxy
.
The rpmbuild
command is used to build RPM packages. The syntax for
rpmbuild
is:
rpmbuild -
[b
|t
]step
[build-options
]spec-file
. . .
Specify -b
to build a package directly from a spec
file, or -t
to open a tarred, gzipped file and use
its spec file.
Both forms take the following single-character
step
arguments, listed in the order they would be
performed:
p
Perform the prep stage, unpacking source files and applying patches.
l
Do a list check, expanding macros in the files section of the spec file and verifying that each file exists.
c
Perform the build stage. Done after the prep stage; generally
equivalent to doing a make
.
i
Perform the install stage. Done after the prep and build stages;
generally equivalent to doing a make install
.
b
Build a binary package. Done after prep, build, and install.
s
Build a source package. Done after prep, build, and install.
a
Build both binary and source packages. Done after prep, build, and install.
The general rpm
options described earlier can be
used with rpmbuild
.
The following additional options can also be used when building an
rpm
file with rpmbuild
.
--buildroot
dir
Override the BuildRoot
tag with
dir
when building the package.
--clean
Clean up (remove) the build files after the package has been made.
--nobuild
Go through the motions, but don’t execute any build stages. Used for testing spec files.
--rmsource
Remove the source files when the build is done. Can be used as a
standalone option with rpm
to clean up files
separately from creating the packages.
--rmspec
Remove the spec file when the build is done. Like
--rmsource
, --rmspec
can be
used as a standalone option with rpmbuild
.
--short-circuit
Can be used with -bc
and -bi
to
skip previous stages.
--sign
Add a GPG signature to the package for verifying its identity and origin.
--target
platform
When building the package, set the macros
%_target
, %_target_arch
, and
%_target_os
to the value indicated by
platform
.
Two other options can be used standalone with
rpmbuild
to recompile or rebuild a package:
--rebuild
source-pkgfile
. . . Like --recompile
, but also build a new binary
package. Remove the build directory, the source files, and the spec
file once the build is complete.
--recompile
source-pkgfile
. . . Install the named source package, and prep, compile, and install the package.
Finally, the --showrc
option is used to show the
current rpmbuild
configuration:
rpmbuild --showrc
This option shows the values that will be used for all options that can be set in an rpmrc file.
Query the RPM database to find Emacs-related packages:
% rpm -q -a | grep emacs
Query an uninstalled package, printing information about the package and listing the files it contains:
% rpm -qpil ~/downloads/bash2-doc-2.03-8.i386.rpm
Install a package (assumes superuser privileges):
% rpm -i sudo-1.5.3-6.i386.rpm