rpm

Name

rpm -- RPM Package Manager

Synopsis

Querying:

rpm {-q | --query}
[PACKAGE_NAME] [-a, --all] [-f, --file FILE] [-g, --group GROUP]
[-p, --package URLFILE] [--querybynumber NUMBER] [--triggeredby PACKAGE_NAME] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]
[pkgselect-options] [query-options]

Maintaining installed packages:

rpm {-i | --install} [install-options] PACKAGE_FILE...

rpm {-U | --upgrade} [install-options] PACKAGE_FILE...

rpm {-F | --freshen} [install-options] PACKAGE_FILE...

rpm {-e | --erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--test] PACKAGE_NAME...

rpm {-V | --verify} [--nodeps] [--nofiles] [--nomd5] [--noscripts]
[PACKAGE_NAME] [-a, --all] [-f, --file FILE] [-g, --group GROUP]
[-p, --package URLFILE] [--querybynumber NUMBER] [--triggeredby PACKAGE_NAME] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]
[pkgselect-options] PACKAGE_NAME...

Signatures:

rpm {-K | --checksig} [signature-options] PACKAGE_FILE...

rpm {--addsign | --resign} PACKAGE_FILE...

Database maintenance:

rpm {--initdb | --rebuilddb}

Building:

rpm -bOPT [buildoptions] SPECFILE...

rpm -tOPT [buildoptions] TARBALL...

rpm {--rebuild | --recompile} SOURCEPKG...

rpm --tarbuild TARBALL...

Miscellaneous:

rpm {--querytags | --showrc}

rpm {--setperms | --setugids} PACKAGE...

Description

rpm is a powerful Package Manager, which can be used to build, install, query, verify, update, and erase individual software packages. A Package consists of an archive of files, and package information, including name, version, and description.

One of the following basic modes must be selected: Initialize Database, Rebuild Database, Build Package, Recompile Package, Build Package from Tarball, Query, Show Querytags, Install/Upgrade/Freshen, Uninstall, Verify, Signature Check, Resign, Add Signature, Set Owners/Groups, and Show Configuration.

General Options

These options can be used in all the different modes.

--dbpath DIRECTORY

Use the database in DIRECTORY rathen than the default path /var/lib/rpm

-?, --help

Print a longer usage message then normal.

--pipe CMD

Pipes the output of rpm to the command CMD.

--quiet

Print as little as possible - normally only error messages will be displayed.

--rcfile FILELIST

Each of the files in the colon separated FILELIST is read sequentially by rpm for configuration information. Only the first file in the list must exist, and tildes will be expanded to the value of $HOME. The default FILELIST is /usr/lib/rpm/rpmrc:/etc/rpmrc:~/.rpmrc.

--root DIRECTORY

Use the system rooted at DIRECTORY for all operations. Note that this means the database will be read or modified under DIRECTORY and any %pre or %post scriptlet(s) are run after a chroot(2) to DIRECTORY.

--version

Print a single line containing the version number of rpm being used.

-vv

Print lots of ugly debugging information.

Install and Upgrade Options

The general form of an rpm install command is

rpm {-i | --install} [install-options] PACKAGE_FILE...

This installs a new package.

The general form of an rpm upgrade command is

rpm {-U | --upgrade} [install-options] PACKAGE_FILE...

This upgrades or installs the package currently installed to a newer version. This is the same as install, except all other version(s) of the package are removed after the new package is installed.

rpm {-F | --freshen} [install-options] PACKAGE_FILE...

This will upgrade packages, but only if an earlier version currently exists. The PACKAGE_FILE may be specified as an ftp or http URL, in which case the package will be downloaded before being installed. See FTP/HTTP OPTIONS for information on rpm's internal ftp and http client support.

--allfiles

Installs or upgrades all the missingok files in the package, regardless if they exist.

--badreloc

Used with --relocate, permit relocations on all file paths, not just those OLDPATH's included in the binary package relocation hint(s).

--excludepath OLDPATH

Don't install files whose name begins with OLDPATH.

--excludedocs

Don't install any files which are marked as documentation (which includes man pages and texinfo documents).

--force

Same as using --replacepkgs, --replacefiles, and --oldpackage.

-h, --hash

Print 50 hash marks as the package archive is unpacked. Use with -v | --verbose for a nicer display.

--ignoresize

Don't check mount file systems for sufficient disk space before installing this package.

--ignorearch

Allow installation or upgrading even if the architectures of the binary package and host don't match.

--ignoreos

Allow installation or upgrading even if the operating systems of the binary package and host don't match.

--includedocs

Install documentation files. This is the default behavior.

--justdb

Update only the database, not the filesystem.

--nodeps

Don't do a dependency check before installing or upgrading a package.

--noorder

Don't reorder the packages for an install. The list of packages would normally be reordered to satisfy dependancies.

--noscripts

Don't execute the %pre or %post scriptlet(s).

--notriggers

Don't execute scripts which are triggered by the installation of this package.

--oldpackage

Allow an upgrade to replace a newer package with an older one.

--percent

Print percentages as files are unpacked from the package archive. This is intended to make rpm easy to run from other tools.

--prefix NEWPATH

For relocateable binary packages, translate all file paths that start with the installation prefix in the package relocation hint(s) to NEWPATH.

--relocate OLDPATH=NEWPATH

For relocatable binary packages, translate all file paths that start with OLDPATH in the package relocation hint(s) to NEWPATH. This option can be used repeatedly if several OLDPATH's in the package are to be relocated.

--replacefiles

Install the packages even if they replace files from other, already installed, packages.

--replacepkgs

Install the packages even if some of them are already installed on this system.

--test

Do not install the package, simply check for and report potential conflicts.

Query Options

The general form of an rpm query command is

rpm {-q | --query}
[PACKAGE_NAME] [-a, --all] [-f, --file FILE] [-g, --group GROUP]
[-p, --package URLFILE] [--querybynumber NUMBER] [--triggeredby PACKAGE_NAME] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]
[pkgselect-options] [query-options]

You may specify the format that package information should be printed in. To do this, you use the

{--queryformat | -qf} QUERYFMT

option, followed by the QUERYFMT format string. Query formats are modifed versions of the standard printf(3) formatting. The format is made up of static strings (which may include standard C character escapes for newlines, tabs, and other special characters) and printf(3) type formatters. As rpm already knows the type to print, the type specifier must be omitted however, and replaced by the name of the header tag to be printed, enclosed by {} characters. Tag names are case insesitive, and the RPMTAG_ portion of the tag name may be omitted as well.

Alternate output formats may be requested by following the tag with :typetag. Currently, the following types are supported: octal, date, shescape, perms, fflags, and depflags. For example, to print only the names of the packages queried, you could use %{NAME} as the format string. To print the packages name and distribution information in two columns, you could use %-30{NAME}%{DISTRIBUTION}. rpm will print a list of all of the tags it knows about when it is invoked with the --querytags argument.

There are two subsets of options for querying: package selection, and information selection. Package selection options:

PACKAGE_NAME

Query installed package named PACKAGE_NAME.

-a, --all

Query all installed packages

-f, --file FILE

Query package owning FILE.

-g, --group GROUP

Query packages with the group of GROUP.

-p, --package URLFILE

Query an (uninstalled) package URLFILE. The URLFILE may be specified as an ftp or http style URL, in which case the package header will be downloaded and queried. See FTP/HTTP OPTIONS for information on rpm's internal ftp and http client support. The URLFILE argument(s), if not a binary package, will be interpreted as an ASCII package manifest. Comments are permitted, starting with a '#', and each line of a package manifest file may include white space seperated glob expressions, including URL's with remote glob expressions, that will be expanded to paths that are substituted in place of the package manifest as additional URLFILE arguments to the query.

--querybynumber NUMBER

Query the NUMBERth database entry directly; this is helpful for debugging purposes.

--specfile SPECFILE

Parse and query SPECFILE as if it were a package. Although not all the information (e.g. file lists) is available, this type of query permits rpm to be used to extract information from spec files without having to write a specfile parser.

--triggeredby PACKAGE_NAME

Query packages that are triggered by package(s) PACKAGE_NAME.

--whatprovides CAPABILITY

Query all packages that provide the CAPABILITY capability.

--whatrequires CAPABILITY

Query all packages that requires CAPABILITY for proper functioning.

Information selection options:

--changelog

Display change information for the package.

-c, --configfiles

List only configuration files (implies -l).

-d, --docfiles

List only documentation files (implies -l).

--dump

Dump file information as follows: path size mtime md5sum mode owner group isconfig isdoc rdev symlink. This must be used with at least one of -l, -c, -d.

--filesbypkg

This lists all the files in each package.

-i, --info

Display package information, including name, version, and description. This uses the --queryformat if one was specified.

--last

Orders the package listing by install time such that the latest packages are at the top.

-l, --list

List files in package.

--provides

List capabilities this package provides.

-R, --requires

List packages on which this package depends.

--scripts

List the package specific scriptlet(s) that are used as part of the installation and uninstallation processes.

-s, --state

Display the states of files in the package (implies -l). The state of each file is one of normal, not installed, or replaced.

--triggers , --triggerscripts

Display the trigger scripts, if any, which are contained in the package.

Verify Options

The general form of an rpm verify command is

rpm {--verify | -V} [--nodeps] [--nofiles] [--nomd5] [--noscripts]
[PACKAGE_NAME] [-a, --all] [-f, --file FILE] [-g, --group GROUP]
[-p, --package URLFILE] [--querybynumber NUMBER] [--triggeredby PACKAGE] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]
[pkgselect-options]

Verifying a package compares information about the installed files in the package with information about the files taken from the package metadata stored in the rpm database. Among other things, verifying compares the size, MD5 sum, permissions, type, owner and group of each file. Any discrepencies are displayed. Files that were not installed from the package, for example, documentation files excluded on installation using the "--excludedocs" option, will be silently ignored.

The package selection options are the same as for package querying (including package manifest files as arguments). Other options that can be used only in verify mode are:

--nodeps

Don't verify dependencies.

--nofiles

Don't verify files.

--nomd5

Don't verify file MD5 checksums.

--noscripts

Don't execute the %verifyscript scriptlet (if any).

The format of the output is a string of 8 characters, a possible "c" denoting a configuration file, and then the file name. Each of the 8 characters denotes the result of a comparison of attribute(s) of the file to the value of those attribute(s) recorded in the database. A single "." (period) means the test passed, while a single "?" indicates the test could not be performed (e.g. file permissions prevent reading). Otherwise, the (mnemonically emBoldened) character denotes failure of the corresponding --verify test:

S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mis-match
L readLink(2) path mis-match
U User ownership differs
G Group ownership differs
T mTime differs

Signature Checking

The general form of an rpm signature check command is

rpm --checksig FILE

This checks the PGP signature of package FILE to ensure its integrity and origin. PGP configuration information is read from configuration files. See the section on PGP SIGNATURES for details.

Erase Options

The general form of an rpm erase command is

rpm {-e | --erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--test] PACKAGE_NAME...

--allmatches

Remove all versions of the package which match PACKAGE_NAME. Normally an error is issued if PACKAGE_NAME matches multiple packages.

--nodeps

Don't check dependencies before uninstalling the packages.

--noscripts

Don't execute the %preun, or %postun scriptlet(s).

--notriggers

Don't execute scripts which are triggered by the removal of this package.

--test

Don't really uninstall anything, just go through the motions. Useful in conjunction with the -vv option.

Build Options

The general form of an rpm build command is

rpm {-bOPT | -tOPT} [build-options] FILE...

The argument used is -b if a spec file is being used to build the package and -t if rpm should look inside of a (possibly compressed) tar file for the spec file to use. After the first argument, the next character (OPT) specifies the stages of building and packaging to be done and is one of:

-bp

Executes the "%prep" stage from the spec file. Normally this involves unpacking the sources and applying any patches.

-bl

Do a "list check". The "%files" section from the spec file is macro expanded, and checks are made to verify that each file exists.

-bc

Do the "%build" stage from the spec file (after doing the %prep stage). This generally involves the equivalent of a "make".

-bi

Do the "%install" stage from the spec file (after doing the %prep and %build stages). This generally involves the equivalent of a "make install".

-bb

Build a binary package (after doing the %prep, %build, and %install stages).

-bs

Build just the source package.

-ba

Build binary and source packages (after doing the %prep, %build, and %install stages).

The following options may also be used:

--buildroot DIRECTORY

When building a package, override the BuildRoot tag with directory DIRECTORY.

--clean

Remove the build tree after the packages are made.

--rmsource

Remove the sources after the build (may also be used standalone, e.g. "rpm --rmsource foo.spec").

--rmspec

Remove the spec file after the build (may also be used standalone, eg. "rpm --rmspec foo.spec").

--short-circuit

Skip straight to specified stage (i.e., skip all stages leading up to the specified stage). Only valid with -bc and -bi.

--sign

Embed a PGP signature in the package. This signature can be used to verify the integrity and the origin of the package. See the section on PGP SIGNATURES for configuration details.

--target PLATFORM

When building the package, interpret PLATFORM as arch-vendor-os and set the macros %_target, %_target_arch, and %_target_os accordingly.

--test

Do not execute any build stages. Useful for testing out spec files.

Rebuild and Recompile Options

There are two other ways to invoke building with rpm:

rpm {--rebuild | --recompile} SOURCEPKG...

When invoked this way, rpm installs the named source package, and does a prep, compile and install. In addition, --rebuild builds a new binary package. When the build has completed, the build directory is removed (as in --clean) and the the sources and spec file for the package are removed.

Signing a Package

rpm {--addsign | --resign} PACKAGE_FILE...

The --addsign option generates and inserts new signatures for each package. Any existing signatures will be discarded.

The --resign option generates and appends signatures for the listed packages while preserving the existing signatures.

PGP Signatures

In order to use the signature feature, rpm must be configured to run PGP and be able to find a public key ring with Red Hat (or other vendor) public keys. By default, rpm uses the same conventions as PGP to find key rings, namely the $PGPPATH environment variable. If your key rings are not located where PGP expects them to be, you will need to configure the macro %_pgp_path to be the location of the PGP key rings to use.

If you want to be able to sign packages you create yourself, you also need to create your own public and secret key pair (see the PGP manual). You will also need to configure the macros

%_signature

The signature type. Right now only pgp is supported.

%_pgp_name

The name of the "user" whose key you wish to use to sign your packages.

When building packages you then add --sign to the command line. You will be prompted for your pass phrase, and your package will be built and signed. For example, to be able to use PGP to sign packages as the user >"John Doe (jdoe@foo.com)"> from the key rings located in /etc/rpm/.pgp using the executable /usr/bin/pgp you would include %_signature pgp %_pgp_path /etc/rpm/.pgp %_pgp_name John Doe (jdoe@foo.com) %_pgpbin /usr/bin/pgp in a macro configuration file. Use /etc/rpm/macros for per-system configuration and ~/.rpmmacros for per-user configuration.

Rebuild Database Options

The general form of an rpm rebuild database command is

rpm {--initdb | --rebuilddb} [-v] [--dbpath DIRECTORY] [--root DIRECTORY]

Use --initdb to create a new database, use --rebuilddb to rebuild the database indices from the installed package headers.

Showrc

Running

rpm --showrc

shows the values rpm will use for all of the options that may be set in rpmrc and macros configuration files.

Ftp/Http Options

rpm can act as an FTP and/or HTTP client so that packages can be queried or installed from the internet. Package files for install, upgrade, and query operations may be specified as an ftp or http style URL:

ftp://USER:PASSWORD@HOST:PORT/path/to/package.rpm

If the :PASSWORD portion is omitted, the password will be prompted for (once per user/hostname pair). If both the user and password are omitted, anonymous ftp is used. In all cases, passive (PASV) ftp transfers are performed.

rpm allows the following options to be used with ftp URLs:

--ftpproxy HOST

The host HOST will be used as a proxy server for all ftp transfers, which allows users to ftp through firewall machines which use proxy systems. This option may also be specified by configuring the macro %_ftpproxy.

--ftpport HOST

The TCP PORT number to use for the ftp connection on the proxy ftp server instead of the default port. This option may also be specified by configuring the macro %_ftpport.

rpm allows the following options to be used with http URLs:

--httpproxy HOST

The host HOST will be used as a proxy server for all http transfers. This option may also be specified by configuring the macro %_httpproxy.

--httpport PORT

The TCP PORT number to use for the http connection on the proxy http server instead of the default port. This option may also be specified by configuring the macro %_httpport.

Files

/usr/lib/rpm/rpmrc
/etc/rpmrc
~/.rpmrc
/usr/lib/rpm/macros
/etc/rpm/macros
~/.rpmmacros
/var/lib/rpm/Conflictname
/var/lib/rpm/Basenames
/var/lib/rpm/Group
/var/lib/rpm/Name
/var/lib/rpm/Packages
/var/lib/rpm/Providename
/var/lib/rpm/Requirename
/var/lib/rpm/Triggername
/var/tmp/rpm*

See Also

rpm2cpio(8),
http://www.rpm.org/

Authors

Marc Ewing <marc@redhat.com>
Jeff Johnson <jbj@redhat.com>
Erik Troan <ewt@redhat.com>