This article will introduce you to RPM by showing you the most common features, namely how to query, install, upgrade and remove packages.
One of the mundane yet necessary duties a system administrator faces is software management. Applications and patches come and go. After months or years of adding, upgrading and removing software applications, it's often hard to tell just what is on a system: the version of a software package and its dependent applications. Often, old files wind up lying around, because no one's quite sure anymore who owns them. Worse, you may install a new software package, only to find it has overwritten a crucial file from a currently installed package.
The Red Hat Package Manager (RPM) was designed to eliminate these problems. With RPM, software is managed in discrete “packages”--a collection of the files that make up the software, and instructions for adding, removing and upgrading those files. RPM also makes sure you never lose configuration files by backing up existing files before overwriting. RPM also tracks which version of an application is currently installed on your system. While named after Red Hat, the RPM system is also a part of Caldera OpenLinux, SuSE and all distributions based on Red Hat, such as Mandrake.
In the generic sense, a package is a container. It includes the files needed to accomplish a certain task, such as the binaries, configuration and documentation files in a software application. It also includes instructions on how and where these files should be installed and how the installation should be accomplished. A package also includes instructions on how to uninstall itself.
RPM packages are often identified by file name, which usually consists of the package name, version, release and the architecture for which it was built. For example, the package penguin-3.26.i386.rpm indicates this is the (fictional) Penguin Utilities package, version 3, release 26. i386 indicates it has been compiled for the Intel architecture. Note that although this is the conventional method of naming RPM packages, the actual package name, version and architecture information are read from the contents of the file by RPM, not the file name. You could rename the file blag.rpm, but it would still install as penguin-3.26.i386.rpm.
At the heart of RPM is the RPM database. This tracks where each file in a package is located, its version and much more. The RPM also maintains an MD5 checksum of each file. Checksums are used to determine whether a file has been modified, which comes in handy if you need to verify the integrity of one or more packages. The RPM database makes adding, removing and upgrading packages easy, because RPM knows which files to handle and where to put them. RPM also takes care of conflicts between packages. For example, if package X, which has already been installed, has a configuration file called /etc/someconfig and you attempt to install a new package Y, which wants to install the same file, RPM will manage this conflict by backing up your previous configuration file before the new file is written.
The workhorse of the RPM system is the program rpm. rpm is the “driver” responsible for maintaining the RPM databases. Of rpm's 10 modes of operation, I will cover the four most common: query, install, upgrade and remove.
One of the strengths of RPM is that, ideally, it accounts for every system or application file on your system. Using RPM's query mode, you can determine which packages are installed on your system or which files belong to a particular package. This can be a big help if you want to locate a file that belongs to a certain package. Query mode can also be used to identify which files are in an RPM file before you install it. This lets you see the files that are going to be installed on your system before they are actually written.
The -q switch is used to query packages. By itself, -q will give you the version of a specified package. If you want to see which version of the tin newsreader you have on your system, you would issue the following command:
# rpm -q tin tin-1.22-12
If you want to see which installed package owns a file, use the -f modifier. Here, we want to see which package owns /etc/passwd.
# rpm -q -f /etc/passwd setup-1.9.2-1Likewise, if you want to generate a list of files belonging to a certain package, use the -l modifier:
# rpm -q -l tin /usr/bin/rtin /usr/bin/tin /usr/doc/tin-1.22 /usr/doc/tin-1.22/CHANGES /usr/doc/tin-1.22/FTP /usr/doc/tin-1.22/HACKERS /usr/doc/tin-1.22/INSTALL /usr/doc/tin-1.22/INSTALL.NNTP /usr/doc/tin-1.22/MANIFEST /usr/doc/tin-1.22/README /usr/doc/tin-1.22/TODO /usr/man/man1/tin.1One of the most common modifiers to -q is -a, query all packages on your system. This system has 350 packages installed, but here's a truncated output:
# rpm -q -a setup-1.9.2-1 filesystem-1.3.2-3 basesystem-4.9-3 ldconfig-1.9.5-8 ... code_crusader-1.1.0-1 lyx-0.11.53-1 xforms-0.86-1 wine-981211-1Listing 1
For even more information about a package, use the -i (information) modifier:
# rpm -q -i passwd
Output is shown in Listing 1. Here's what some of the most important entries mean:
Name: the name of the package
Version: the version of the package
Release: the number of times this package has been released using the same version of the software
Install date: when this package was installed on your system
Group: your RPM database is divided into groups, which describe the functionality of the software. Each time you install a package, it will be grouped accordingly.
Size: the total size in bytes of all the files in the package
License: the license of the original software
# rpm -q -p glibc.rpm glibc-2.0.7-29
The install mode, as its name suggests, is used to install RPM packages onto your system. Installing a package is accomplished with the -i option:
# rpm -i penguin-3.26.i386.rpm
Before installing the package, RPM performs several checks. First, it makes sure the package you are trying to install isn't already installed. RPM won't let you install a package on top of itself. It also checks that you are not installing an older version of the package. Next, RPM does a dependency check. Some packages depend on other packages being installed first. In this example, you have just downloaded the latest RPM version of Penguin utilities and now want to install it.
# rpm -i penguin-3.26.i386.rpm failed dependencies: iceberg >= 7.1 is needed by penguin-3.26.i386.rpmThis error indicates the penguin package failed to install because it requires the iceberg package with a version equal to or greater than 7.1. You'll have to find and install the iceberg package, and any packages iceberg requires.
Finally, RPM checks to see if any configuration files would be overwritten by the installation of this package. RPM tries to make intelligent decisions about what to do with conflicts. If RPM replaces an existing configuration file with one from the new package, a warning will be printed to the screen.
# rpm -I penguin-3.26.i386.rpm warning: /etc/someconfig saved as /etc/someconfig.rpmsave
It's up to you to look at both files and determine what modifications, if any, need to be made.
The -u switch is used to upgrade existing packages. For example, if Penguin Utilities version 3.25 is already installed, issuing the command
# rpm -u penguin-3.26.i386.rpm
will replace the old version of the package with the new one. In fact, one of the quirks of RPM's upgrade mode is that the older package doesn't have to exist in the first place: -u works identically to -i in this case.
The rpm -e command removes a package from your system. Like Install mode, RPM does some housekeeping before it will let you remove a package. First, it does a dependency check to make sure no other packages depend on the package you are removing. If you have modified any of the configuration files, RPM makes a copy of the file, appends .rpmsave onto the end of it, then erases the original. Finally, after removing all files from your system and the RPM database, it removes the package name from the database.
Be very careful about which packages you remove from your system. Like most Linux utilities, RPM assumes omniscience and will silently let you shoot yourself in the foot. Removing the passwd or kernel package would be devastating.