Search This Blog

Friday, January 8, 2016

RHEL 6 - Package Management with RPM

Features:
1. Compression of Packages
2. SHA-256 hashes are used to sign packages
3. RPM DB: ‘/var/lib/rpm’ – tracks installed packages, attributes of package files, etc
4. 5-Modes of Operations:
a. Install
b. Uninstall
c. Upgrade
d. Query
e. Verify

5. Caveat: Does Not auto-resovle dependencies: Use ‘yum’
6. Caveat: RPM does NOT track non-RPM programs/apps: i.e ‘*.tar.gz’ || ‘*.tar.bz2’


Tasks:
1.    Query
a.    ‘rpm –qa’         -           dumps ALL installed packages (RPMs)
[root@server2 /]# rpm -qa|more
iputils-20071127-20.el6.x86_64
pilot-link-0.12.4-6.el6.x86_64
gnome-bluetooth-2.28.6-8.el6.x86_64
sssd-client-1.12.4-47.el6_7.4.x86_64
hyperv-daemons-license-0-0.17.20150108git.el6.noarch
ORBit2-2.14.17-5.el6.x86_64
totem-nautilus-2.28.6-4.el6.x86_64
perl-XML-Parser-2.36-7.el6.x86_64
db4-cxx-4.7.25-20.el6_7.x86_64
checkpolicy-2.0.22-1.el6.x86_64
btrfs-progs-0.20-0.2.git91d9eec.el6.x86_64
device-mapper-event-libs-1.02.95-3.el6_7.4.x86_64
libwacom-data-0.8-1.el6.noarch
libcgroup-0.40.rc1-16.el6.x86_64
libnih-1.0.1-7.el6.x86_64
rhythmbox-0.12.8-1.el6.x86_64
gnutls-utils-2.8.5-18.el6.x86_64
nss-softokn-3.14.3-23.el6_7.x86_64

b.    ‘rpm –qa | grep grep’  -           ‘grep-2.20-3.el6_7.1.x86_64’
[root@server2 /]# rpm -qa|grep grep
grep-2.20-3.el6_7.1.x86_64

                                       i.    ‘grep’   -           main name of package
                                      ii.    ‘2.20-3’            -           Package Version
                                     iii.    ‘el6_7.1.x86_64’          -           RedHat version & Platform
c.     ‘rpm –qi grep’  -           returns metadata about ‘grep’ package
[root@server2 /]# rpm -qi grep
Name        : grep                         Relocations: (not relocatable)
Version     : 2.20                              Vendor: Red Hat, Inc.
Release     : 3.el6_7.1                     Build Date: Tue 15 Sep 2015 06:58:14 PM IST
Install Date: Tue 05 Jan 2016 03:56:39 PM IST      Build Host: x86-032.build.eng.bos.redhat.com
Group       : Applications/Text             Source RPM: grep-2.20-3.el6_7.1.src.rpm
Size        : 1197808                          License: GPLv3+
Signature   : RSA/8, Thu 08 Oct 2015 06:44:03 PM IST, Key ID 199e2f91fd431d51
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.gnu.org/software/grep/
Summary     : Pattern matching utilities
Description :
The GNU versions of commonly used grep utilities. Grep searches through
textual input for lines which contain a match to a specified pattern and then
prints the matching lines. GNU's grep utilities include grep, egrep and fgrep.

GNU grep is needed by many scripts, so it shall be installed on every system.
[root@server2 /]#

d.    ‘rpm –ql grep’  -           enumerates the contents of the package: “grep”
[root@server2 /]# rpm -ql grep
/bin/egrep
/bin/fgrep
/bin/grep
/usr/share/doc/grep-2.20
/usr/share/doc/grep-2.20/ABOUT-NLS
/usr/share/doc/grep-2.20/AUTHORS
/usr/share/doc/grep-2.20/COPYING
/usr/share/doc/grep-2.20/ChangeLog
/usr/share/doc/grep-2.20/NEWS
/usr/share/doc/grep-2.20/README
/usr/share/doc/grep-2.20/THANKS
/usr/share/doc/grep-2.20/TODO
/usr/share/info/grep.info.gz
/usr/share/locale/af/LC_MESSAGES/grep.mo
/usr/share/locale/be/LC_MESSAGES/grep.mo
/usr/share/locale/bg/LC_MESSAGES/grep.mo
/usr/share/locale/ca/LC_MESSAGES/grep.mo
/usr/share/locale/cs/LC_MESSAGES/grep.mo
/usr/share/locale/da/LC_MESSAGES/grep.mo
/usr/share/locale/de/LC_MESSAGES/grep.mo
/usr/share/locale/el/LC_MESSAGES/grep.mo
/usr/share/locale/eo/LC_MESSAGES/grep.mo
/usr/share/locale/es/LC_MESSAGES/grep.mo
/usr/share/locale/et/LC_MESSAGES/grep.mo
/usr/share/locale/eu/LC_MESSAGES/grep.mo
/usr/share/locale/fi/LC_MESSAGES/grep.mo
/usr/share/locale/fr/LC_MESSAGES/grep.mo
/usr/share/locale/ga/LC_MESSAGES/grep.mo
/usr/share/locale/gl/LC_MESSAGES/grep.mo
/usr/share/locale/he/LC_MESSAGES/grep.mo
/usr/share/locale/hr/LC_MESSAGES/grep.mo
/usr/share/locale/hu/LC_MESSAGES/grep.mo
/usr/share/locale/id/LC_MESSAGES/grep.mo
/usr/share/locale/it/LC_MESSAGES/grep.mo
/usr/share/locale/ja/LC_MESSAGES/grep.mo
/usr/share/locale/ko/LC_MESSAGES/grep.mo
/usr/share/locale/ky/LC_MESSAGES/grep.mo
/usr/share/locale/lt/LC_MESSAGES/grep.mo
/usr/share/locale/nb/LC_MESSAGES/grep.mo
/usr/share/locale/nl/LC_MESSAGES/grep.mo
/usr/share/locale/pa/LC_MESSAGES/grep.mo
/usr/share/locale/pl/LC_MESSAGES/grep.mo
/usr/share/locale/pt/LC_MESSAGES/grep.mo
/usr/share/locale/pt_BR/LC_MESSAGES/grep.mo
/usr/share/locale/ro/LC_MESSAGES/grep.mo
/usr/share/locale/ru/LC_MESSAGES/grep.mo
/usr/share/locale/sk/LC_MESSAGES/grep.mo
/usr/share/locale/sl/LC_MESSAGES/grep.mo
/usr/share/locale/sr/LC_MESSAGES/grep.mo
/usr/share/locale/sv/LC_MESSAGES/grep.mo
/usr/share/locale/th/LC_MESSAGES/grep.mo
/usr/share/locale/tr/LC_MESSAGES/grep.mo
/usr/share/locale/uk/LC_MESSAGES/grep.mo
/usr/share/locale/vi/LC_MESSAGES/grep.mo
/usr/share/locale/zh_CN/LC_MESSAGES/grep.mo
/usr/share/locale/zh_TW/LC_MESSAGES/grep.mo
/usr/share/man/man1/egrep.1.gz
/usr/share/man/man1/fgrep.1.gz
/usr/share/man/man1/grep.1.gz

e.    ‘rpm –qf /bin/grep’      -           enumerates the file’s package membership
[root@server2 /]# rpm -qf /bin/grep
grep-2.20-3.el6_7.1.x86_64

f.     ‘rpm –qd grep’ -           enumerates the included documentation
[root@server2 /]# rpm -qf /bin/grep
grep-2.20-3.el6_7.1.x86_64

g.    ‘rpm –qc lftp’   -           enumerates a package’s configuration files(s)
[root@server2 /]# rpm -qc ntp
/etc/ntp.conf
/etc/ntp/crypto/pw
/etc/sysconfig/ntpd

h.    ‘rpm –qpi /repo/dos2unix-3.1-37.el6.x86_64.rpm’’
[root@server2 repo]# rpm -qpi /repo/dos2unix-3.1-37.el6.x86_64.rpm
Name        : dos2unix                     Relocations: (not relocatable)
Version     : 3.1                               Vendor: Red Hat, Inc.
Release     : 37.el6                        Build Date: Wed 03 Mar 2010 07:25:02 PM IST
Install Date: (not installed)               Build Host: x86-001.build.bos.redhat.com
Group       : Applications/Text             Source RPM: dos2unix-3.1-37.el6.src.rpm
Size        : 18857                            License: BSD
Signature   : RSA/8, Mon 16 Aug 2010 09:23:20 PM IST, Key ID 199e2f91fd431d51
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Summary     : Text file format converter
Description :
Dos2unix converts DOS or MAC text files to UNIX format.

i.     ‘rpm –q –scripts’         -           list shell scripts that may run after the package is installed or uninstalled
[root@server2 repo]# rpm -q --scripts openssh-server
preinstall scriptlet (using /bin/sh):
getent group sshd >/dev/null || groupadd -g 74 -r sshd || :
getent passwd sshd >/dev/null || \
  useradd -c "Privilege-separated SSH" -u 74 -g sshd  -s /sbin/nologin \
  -s /sbin/nologin -r -d /var/empty/sshd sshd 2> /dev/null || :
postinstall scriptlet (using /bin/sh):
/sbin/chkconfig --add sshd
preuninstall scriptlet (using /bin/sh):
if [ "$1" = 0 ]
then
       /sbin/service sshd stop > /dev/null 2>&1 || :
       /sbin/chkconfig --del sshd
fi
postuninstall scriptlet (using /bin/sh):
/sbin/service sshd condrestart > /dev/null 2>&1 || :

j.     ‘rpm –q – changelog’  list change information for the package
[root@server2 repo]# rpm -q --changelog grep
* Tue Sep 15 2015 Jaroslav Å karvada <jskarvad@redhat.com> - 2.20-3.1
- Made symlinks from egrep, fgrep
  Resolves: rhbz#1263252

* Tue Mar 03 2015 Jaroslav Å karvada <jskarvad@redhat.com> - 2.20-3
- Updated pcre buildrequires to require pcre-devel >= 7.8-7
  Related: rhbz#1193030

* Mon Feb 16 2015 Jaroslav Å karvada <jskarvad@redhat.com> - 2.20-2
- Fixed invalid UTF-8 byte sequence error in PCRE mode
  (by pcre-backported-fixes patch)
  Resolves: rhbz#1193030
- Fixed buffer overrun for grep -F
  Resolves: CVE-2015-1345
- Fixed bogus date in the changelog

* Tue Jan 27 2015 Jaroslav Å karvada <jskarvad@redhat.com> - 2.20-1
- New version
  Resolves: rhbz#1064668
  Resolves: rhbz#982215
  Resolves: rhbz#1126757
  Resolves: rhbz#1167766
  Resolves: rhbz#1171806
- Fixed \w and \W behaviour in multibyte locales
  Resolves: rhbz#799863
- Documented --fixed-regexp option
  Resolves: rhbz#1103270

2.    Verify   -           Verifies file system contents against installed package in RPM DB.
Note: Return: ‘.’ Per test performed if the test passed
Note: If the test fails, one of the following will be returned:
5(MD5), S(file size), L(symlink), T(mod time), D(device), M(mode), ?(unreadable file), U(user), G(group)

a. ‘rpm –Vvf /bin/grep’            -           compares: /bin/grep to ‘grep’RPM
[root@server2 repo]# rpm -Vvf /bin/grep
.........    /bin/egrep
.........    /bin/fgrep
.........    /bin/grep
.........    /usr/share/doc/grep-2.20
.........  d /usr/share/doc/grep-2.20/ABOUT-NLS
.........  d /usr/share/doc/grep-2.20/AUTHORS
.........  d /usr/share/doc/grep-2.20/COPYING
.........  d /usr/share/doc/grep-2.20/ChangeLog
.........  d /usr/share/doc/grep-2.20/NEWS
.........  d /usr/share/doc/grep-2.20/README
.........  d /usr/share/doc/grep-2.20/THANKS
.........  d /usr/share/doc/grep-2.20/TODO
.........  d /usr/share/info/grep.info.gz
.........    /usr/share/locale/af/LC_MESSAGES/grep.mo
.........    /usr/share/locale/be/LC_MESSAGES/grep.mo
.........    /usr/share/locale/bg/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ca/LC_MESSAGES/grep.mo
.........    /usr/share/locale/cs/LC_MESSAGES/grep.mo
.........    /usr/share/locale/da/LC_MESSAGES/grep.mo
.........    /usr/share/locale/de/LC_MESSAGES/grep.mo
.........    /usr/share/locale/el/LC_MESSAGES/grep.mo
.........    /usr/share/locale/eo/LC_MESSAGES/grep.mo
.........    /usr/share/locale/es/LC_MESSAGES/grep.mo
.........    /usr/share/locale/et/LC_MESSAGES/grep.mo
.........    /usr/share/locale/eu/LC_MESSAGES/grep.mo
.........    /usr/share/locale/fi/LC_MESSAGES/grep.mo
.........    /usr/share/locale/fr/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ga/LC_MESSAGES/grep.mo
.........    /usr/share/locale/gl/LC_MESSAGES/grep.mo
.........    /usr/share/locale/he/LC_MESSAGES/grep.mo
.........    /usr/share/locale/hr/LC_MESSAGES/grep.mo
.........    /usr/share/locale/hu/LC_MESSAGES/grep.mo
.........    /usr/share/locale/id/LC_MESSAGES/grep.mo
.........    /usr/share/locale/it/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ja/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ko/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ky/LC_MESSAGES/grep.mo
.........    /usr/share/locale/lt/LC_MESSAGES/grep.mo
.........    /usr/share/locale/nb/LC_MESSAGES/grep.mo
.........    /usr/share/locale/nl/LC_MESSAGES/grep.mo
.........    /usr/share/locale/pa/LC_MESSAGES/grep.mo
.........    /usr/share/locale/pl/LC_MESSAGES/grep.mo
.........    /usr/share/locale/pt/LC_MESSAGES/grep.mo
.........    /usr/share/locale/pt_BR/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ro/LC_MESSAGES/grep.mo
.........    /usr/share/locale/ru/LC_MESSAGES/grep.mo
.........    /usr/share/locale/sk/LC_MESSAGES/grep.mo
.........    /usr/share/locale/sl/LC_MESSAGES/grep.mo
.........    /usr/share/locale/sr/LC_MESSAGES/grep.mo
.........    /usr/share/locale/sv/LC_MESSAGES/grep.mo
.........    /usr/share/locale/th/LC_MESSAGES/grep.mo
.........    /usr/share/locale/tr/LC_MESSAGES/grep.mo
.........    /usr/share/locale/uk/LC_MESSAGES/grep.mo
.........    /usr/share/locale/vi/LC_MESSAGES/grep.mo
.........    /usr/share/locale/zh_CN/LC_MESSAGES/grep.mo
.........    /usr/share/locale/zh_TW/LC_MESSAGES/grep.mo
.........  d /usr/share/man/man1/egrep.1.gz
.........  d /usr/share/man/man1/fgrep.1.gz
.........  d /usr/share/man/man1/grep.1.gz
[root@server2 repo]#

b. ‘mv /bin/grep /bin/grep.original && touch /bin/grep’
[root@server2 repo]# mv /bin/grep /bin/grep.original && touch /bin/grep

[root@server2 repo]# rpm -Vvf /bin/grep
.........    /bin/egrep
.........    /bin/fgrep
SM5....T.    /bin/grep
.........    /usr/share/doc/grep-2.20
.........  d /usr/share/doc/grep-2.20/ABOUT-NLS
.........  d /usr/share/doc/grep-2.20/AUTHORS
.........  d /usr/share/doc/grep-2.20/COPYING
.........  d /usr/share/doc/grep-2.20/ChangeLog
.........  d /usr/share/doc/grep-2.20/NEWS
.........  d /usr/share/doc/grep-2.20/README
.........  d /usr/share/doc/grep-2.20/THANKS
.........  d /usr/share/doc/grep-2.20/TODO
.........  d /usr/share/info/grep.info.gz

[root@server2 repo]# ls -l /bin/grep*
-rw-r--r--. 1 root root      0 Jan  8 15:44 /bin/grep
-rwxr-xr-x. 1 root root 167744 Sep 15 18:57 /bin/grep.original

[root@server2 repo]# md5sum /bin/grep*
d41d8cd98f00b204e9800998ecf8427e  /bin/grep
73944cef7564a4f84c9f916601a4c7d6  /bin/grep.original


[root@server2 repo]# stat /bin/grep*
  File: `/bin/grep'
  Size: 0               Blocks: 0          IO Block: 4096   regular empty file
Device: fd00h/64768d    Inode: 2388        Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2016-01-08 15:44:49.266719204 +0530
Modify: 2016-01-08 15:44:45.115719140 +0530
Change: 2016-01-08 15:44:45.115719140 +0530
  File: `/bin/grep.original'
  Size: 167744          Blocks: 328        IO Block: 4096   regular file
Device: fd00h/64768d    Inode: 13829       Links: 1
Access: (0755/-rwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2016-01-08 15:48:19.268718985 +0530
Modify: 2015-09-15 18:57:25.000000000 +0530
Change: 2016-01-08 15:44:45.114719132 +0530

SM5….T..          /bin/grep
S – file size of new rpm is different then it should be in actual.
M – MD5 checksum issue is there
T – Modification timeis different

3. Install – Works if package does NOT exist on the system
a. ‘rpm –ivh /repo/ grep-2.20-3.el6.x86_64.rpm’
[root@server2 repo]# rpm -ivh /repo/ftp-0.17-54.el6.x86_64.rpm
Preparing...                ########################################### [100%]
   1:ftp                    ########################################### [100%]

4. Upgrade – Install and or Upgrades
a. ‘rpm –Uvh /repo/ grep-2.20-3.el6.x86_64.rpm’
[root@server2 repo]# rpm -Uvh /repo/ftp-0.17-54.el6.x86_64.rpm
Preparing...                ########################################### [100%]
       package ftp-0.17-54.el6.x86_64 is already installed

Note: Package will only upgrade, incase if new version of package is available or if the package is currently not installed.

b. ‘rpm –Uvh –replacepkgs /repo/ grep-2.20-3.el6.x86_64.rpm’

5. Uninstall
a. ‘rpm –e grep’           - check dependencies and warns where appropriate
[root@server2 repo]# rpm -e grep
error: Failed dependencies:
       grep is needed by (installed) plymouth-scripts-0.8.3-27.el6_5.1.x86_64
       grep is needed by (installed) mysql-5.1.73-5.el6_6.x86_64
       grep is needed by (installed) nfs-utils-1:1.2.3-64.el6.x86_64
       grep is needed by (installed) kdelibs-6:4.3.4-23.el6_6.x86_64
       grep is needed by (installed) hal-0.5.14-14.el6.x86_64
       grep is needed by (installed) dracut-004-388.el6.noarch
       grep is needed by (installed) autofs-1:5.0.5-113.el6.x86_64
       grep is needed by (installed) libguestfs-1:1.20.11-14.el6.x86_64
       grep is needed by (installed) sysstat-9.0.4-27.el6.x86_64
       grep is needed by (installed) prelink-0.4.6-3.1.el6_4.x86_64
       grep is needed by (installed) tcsh-6.17-25.el6_6.x86_64
       /bin/egrep is needed by (installed) policycoreutils-2.0.83-24.el6.x86_64
       /bin/egrep is needed by (installed) redhat-lsb-core-4.0-7.el6.x86_64
       /bin/fgrep is needed by (installed) redhat-lsb-core-4.0-7.el6.x86_64
       /bin/grep is needed by (installed) redhat-lsb-core-4.0-7.el6.x86_64
       /bin/grep is needed by (installed) sysstat-9.0.4-27.el6.x86_64
       /bin/grep is needed by (installed) initscripts-9.03.49-1.el6_7.3.x86_64

b ‘rpm –e grep –nodeps’                     -           This will not check any dependency.

6. Import RedHat RPM GPG Key to confirm package signatures:
a. ‘rpm --import


Thank you for reading.

For Reading other article, visit to “https://sites.google.com/site/unixwikis/

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)