Linux Patching Utility – RPM (RedHat Package Manager)

Introduction

This post gives a brief introduction about RPM (RedHat Package Manager).

rpm is a command line utility installed when the linux OS is installed. rpm exe is located in /bin

rpm executable is installed as a part of rpm-4.4.2-47.el5.i386.rpm package.

Following are the various options with rpm command.

rpm main options

rpm -i -> Install the package. If the package is present it wont install and will say “nothing to do”, even if we are trying to install a higher version of package. If the package is not present it will install the same.

If you use -v and -h with -i option rpm gives “preety” output. Example

[root@station5 Server]# rpm -i zsh-4.2.6-1.i386.rpm

[root@station5 Server]# rpm -ivh zsh-html-4.2.6-1.i386.rpm
warning: zsh-html-4.2.6-1.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing…                ########################################### [100%]
1:zsh-html               ########################################### [100%]

i -> Install
v -> Verbose
h -> Hash (for progress bar)

rpm -U -> Upgrade the package. If a new version of package is present then it will upgrade an existing installed version. If package is not applied before then it will apply. So upgrade works whether or not package is installed in OS.
rpm -F -> Freshen the package. This works only for the packages that are installed. If a new version of some package comes for any of the install package, then freshen will install the latest version. But a new version of package comes which is not yet installed in the OS, the freshen will not instal the latest version.
rpm -e -> Uninstalling a package. -e (erase) will remove a package from your system. The package name must be the installed package name and not the rpm file name. Example: rpm -e zip

RPM support FTP and HTTP. Example
[root@station5 Server]# rpm -ivh ftp://server1.example.com/pub/zsh-html-4.2.6-1.i386.rpm

Installing a new kernel using rpm

Installing a new kernel is different process. Usually as explained above when a new version of package comes, we go for -U option which is upgrade. Now with upgrade what exactly happens is that rpm will remove all the existing files and installed the latest rpm package with latest files, Except for configuration files which are backed up with extension .rpmsave.

Kernel is the core of operating system. So when we install new kernel we are not sure whether it will be stable and will work without any issues. So for installing kernel package we use rpm -i (install option). When rpm sees that its the kernel file we are installing it does not overwrite the existing kernel file instead it will create a new kernel files and a new kernel will be installed without removing the old kernel. It will also update grub.conf file with the details of new kernel and when you reboot the system your new kernel will take effect.

Example: Installing a new kernel

[root@station5 errata]# ls -rlt /boot
total 5142
-rw-r–r– 1 root root 1791572 Oct 11  2007 vmlinuz-2.6.18-53.el5
-rw-r–r– 1 root root  903969 Oct 11  2007 System.map-2.6.18-53.el5
-rw-r–r– 1 root root   64551 Oct 11  2007 config-2.6.18-53.el5
-rw-r–r– 1 root root   87586 Oct 11  2007 symvers-2.6.18-53.el5.gz
drwx—— 2 root root   12288 Aug 25 16:37 lost+found
-rw——- 1 root root 2369794 Aug 25 16:41 initrd-2.6.18-53.el5.img
drwxr-xr-x 2 root root    1024 Aug 25 19:41 grub
[root@station5 errata]#

[root@station5 errata]# rpm -ivh kernel-2.6.18-92.el5.i686.rpm
warning: kernel-2.6.18-92.el5.i686.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing…                ########################################### [100%]
1:kernel                 ########################################### [100%]

[root@station5 errata]# cd /boot
[root@station5 boot]# ls -lrt
total 10315
-rw-r–r– 1 root root 1791572 Oct 11  2007 vmlinuz-2.6.18-53.el5
-rw-r–r– 1 root root  903969 Oct 11  2007 System.map-2.6.18-53.el5
-rw-r–r– 1 root root   64551 Oct 11  2007 config-2.6.18-53.el5
-rw-r–r– 1 root root   87586 Oct 11  2007 symvers-2.6.18-53.el5.gz
-rw-r–r– 1 root root 1806388 Apr 29 22:56 vmlinuz-2.6.18-92.el5
-rw-r–r– 1 root root  912686 Apr 29 22:56 System.map-2.6.18-92.el5
-rw-r–r– 1 root root   65406 Apr 29 22:56 config-2.6.18-92.el5
-rw-r–r– 1 root root   91734 Apr 29 22:56 symvers-2.6.18-92.el5.gz
drwx—— 2 root root   12288 Aug 25 16:37 lost+found
-rw——- 1 root root 2369794 Aug 25 16:41 initrd-2.6.18-53.el5.img
-rw——- 1 root root 2386531 Aug 25 20:23 initrd-2.6.18-92.el5.img
drwxr-xr-x 2 root root    1024 Aug 25 20:23 grub
[root@station5 boot]#

It will update grub.conf as well

title Red Hat Enterprise Linux Server (2.6.18-92.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-92.el5 ro root=LABEL=/ rhgb quiet
initrd /initrd-2.6.18-92.el5.img
title Oracle OS
root (hd0,0)
kernel /vmlinuz-2.6.18-53.el5 ro root=/dev/sda3 rhgb quiet
initrd /initrd-2.6.18-53.el5.img

The default becomes the upgraded kernel.

You can decide which will be the default kernel using following file

[root@station5 boot]# cat /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes

# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel

If UPDATEDEFAULT parameter is set to “yes” then newly installed kernel becomes default. If this is set to no then newly installed kernel will not be the default.

Other rpm Options

Following are the various usage of rpm command.

1) If a package is installed or not

[root@localhost Server]# rpm -qa zip
zip-2.31-1.2.2

2) A particular file is installed from which package

[root@localhost bluetooth]# rpm -qf /lib/modules/2.6.18-53.el5/kernel/net/bluetooth/bluetooth.ko
kernel-2.6.18-53.el5

3) List of files in a package

[root@localhost bluetooth]# rpm -ql zip
/usr/bin/zip
/usr/bin/zipcloak
/usr/bin/zipnote
/usr/bin/zipsplit
/usr/share/doc/zip-2.31
/usr/share/doc/zip-2.31/BUGS
/usr/share/doc/zip-2.31/CHANGES
/usr/share/doc/zip-2.31/LICENSE
/usr/share/doc/zip-2.31/MANUAL
/usr/share/doc/zip-2.31/README
/usr/share/doc/zip-2.31/TODO
/usr/share/doc/zip-2.31/WHATSNEW
/usr/share/doc/zip-2.31/WHERE
/usr/share/doc/zip-2.31/algorith.txt
/usr/share/man/man1/zip.1.gz

4) Package general information

[root@localhost bluetooth]# rpm -qi zip
Name        : zip                          Relocations: (not relocatable)
Version     : 2.31                              Vendor: Red Hat, Inc.
Release     : 1.2.2                         Build Date: Thu 13 Jul 2006 10:33:56 AM IST
Install Date: Fri 29 Aug 2008 06:24:54 AM IST      Build Host: hs20-bc2-2.build.redhat.com
Group       : Applications/Archiving        Source RPM: zip-2.31-1.2.2.src.rpm
Size        : 302524                           License: distributable
Signature   : DSA/SHA1, Thu 18 Jan 2007 09:58:07 PM IST, Key ID 5326810137017186
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla&gt;
URL         : http://www.info-zip.org/pub/infozip/Zip.html
Summary     : A file compression and packaging utility compatible with PKZIP.
Description :
The zip program is a compression and file packaging utility.  Zip is
analogous to a combination of the UNIX tar and compress commands and
is compatible with PKZIP (a compression and file packaging utility for
MS-DOS systems).

Install the zip package if you need to compress files using the zip
program.

5) Check prerequisits for a package

[root@localhost Server]# rpm -qa zip –requires
libc.so.6
libc.so.6(GLIBC_2.0)
libc.so.6(GLIBC_2.1)
libc.so.6(GLIBC_2.2)
libc.so.6(GLIBC_2.3)
libc.so.6(GLIBC_2.3.4)
libc.so.6(GLIBC_2.4)
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)

6) Capability provided by rpm package

[root@localhost Server]# rpm -qa kernel –provides
kernel = 2.6.18
kernel-drm = 4.3.0
kernel-i686 = 2.6.18-53.el5
kernel(rhel5_gfs2_ga) = dc42db4764487d4d1e0e658af7ec2eef3c29d91e
kernel(rhel5_fs_lockd_ga) = 321666a6612cc9aa0ed9208fd0159456c9b1ffe3
kernel(rhel5_drivers_hwmon_ga) = 73ec105e064d9b09c6d44c6584f517b73a7d80ab
kernel(rhel5_net_core_ga) = 5aae342a66dcbcc14a7c1c001624f73a13620809
kernel(rhel5_drivers_net_ga) = f740f67835c214eb69aa8c623cb18a6c2ebcdc12
— output truncated —

7) To see the package revision history. The changes occured till now in that rpm package file

[root@localhost Server]# rpm -qa zip –changelog
* Thu Jul 13 2006 Jesse Keating <jkeating@redhat.com> – 2.31-1.2.2
– rebuild

* Sat Feb 11 2006 Jesse Keating <jkeating@redhat.com> – 2.31-1.2.1
– bump again for double-long bug on ppc(64)

* Wed Feb 08 2006 Jesse Keating <jkeating@redhat.com> – 2.31-1.2
– rebuilt for new gcc4.1 snapshot and glibc changes

— output truncated —

8) To check the scripts that runs upon installation or removal of rpm package

[root@localhost Server]# rpm -qa kernel –scripts
postinstall scriptlet (using /bin/sh):
if [ `uname -i` == “x86_64” -o `uname -i` == “i386” ]; then
if [ -f /etc/sysconfig/kernel ]; then
/bin/sed -i -e ‘s/^DEFAULTKERNEL=kernel-smp$/DEFAULTKERNEL=kernel/’ /etc/sysconfig/kernel || exit $?
fi
fi
/sbin/new-kernel-pkg –package kernel –mkinitrd –depmod –install 2.6.18-53.el5 || exit $?
if [ -x /sbin/weak-modules ]
then
/sbin/weak-modules –add-kernel 2.6.18-53.el5 || exit $?
fi
preuninstall scriptlet (using /bin/sh):
/sbin/new-kernel-pkg –rminitrd –rmmoddep –remove 2.6.18-53.el5 || exit $?
if [ -x /sbin/weak-modules ]
then
/sbin/weak-modules –remove-kernel 2.6.18-53.el5 || exit $?
fi

9) Verifying the installed package.

One can verify the installed package using rpm -V option. Verifying an installed package will compare the file size, permissions, type, owner, MD5 checksum and modified time against RPM database.

[root@localhost Server]# rpm -V zip-2.31-1.2.2.i386
[root@localhost Server]# rpm -V kernel
[root@localhost Server]#

rpm -Va will verify all the installed packages.
Example:
[root@localhost Server]# rpm -Va
S.5….T c /etc/sysconfig/system-config-securitylevel
…….T c /etc/kdump.conf
..5….T c /etc/pki/nssdb/secmod.db
SM5….T c /etc/sysconfig/iptables-config

rpm -Vp <Package_file.rpm> will check the integrity of installed package against rpm file and not with database.

Hope this helps !!

Advertisements

One thought on “Linux Patching Utility – RPM (RedHat Package Manager)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s