| rpm {-q | --query} |
| rpm {-i | --install} [install-options] PACKAGE_FILE... |
| rpm {-U | --upgrade} [install-options] PACKAGE_FILE... |
| rpm {-F | --freshen} [install-options] PACKAGE_FILE... |
| rpm {-e | --erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--test] PACKAGE_NAME... |
| rpm {-V | --verify} [--nodeps] [--nofiles] [--nomd5] [--noscripts] |
| rpm {-K | --checksig} [signature-options] PACKAGE_FILE... |
| rpm {--addsign | --resign} PACKAGE_FILE... |
| rpm {--initdb | --rebuilddb} |
| rpm -bOPT [buildoptions] SPECFILE... |
| rpm -tOPT [buildoptions] TARBALL... |
| rpm {--rebuild | --recompile} SOURCEPKG... |
| rpm --tarbuild TARBALL... |
| rpm {--querytags | --showrc} |
| rpm {--setperms | --setugids} PACKAGE... |
rpm is a powerful Package Manager, which can be used to build, install, query, verify, update, and erase individual software packages. A Package consists of an archive of files, and package information, including name, version, and description.
One of the following basic modes must be selected: Initialize Database, Rebuild Database, Build Package, Recompile Package, Build Package from Tarball, Query, Show Querytags, Install/Upgrade/Freshen, Uninstall, Verify, Signature Check, Resign, Add Signature, Set Owners/Groups, and Show Configuration.
These options can be used in all the different modes.
Use the database in DIRECTORY rathen than the default path /var/lib/rpm
Print a longer usage message then normal.
Pipes the output of rpm to the command CMD.
Print as little as possible - normally only error messages will be displayed.
Each of the files in the colon separated FILELIST is read sequentially by rpm for configuration information. Only the first file in the list must exist, and tildes will be expanded to the value of $HOME. The default FILELIST is /usr/lib/rpm/rpmrc:/etc/rpmrc:~/.rpmrc.
Use the system rooted at DIRECTORY for all operations. Note that this means the database will be read or modified under DIRECTORY and any %pre or %post scriptlet(s) are run after a chroot(2) to DIRECTORY.
Print a single line containing the version number of rpm being used.
Print lots of ugly debugging information.
The general form of an rpm install command is
rpm {-i | --install} [install-options] PACKAGE_FILE...
This installs a new package.
The general form of an rpm upgrade command is
rpm {-U | --upgrade} [install-options] PACKAGE_FILE...
This upgrades or installs the package currently installed to a newer version. This is the same as install, except all other version(s) of the package are removed after the new package is installed.
rpm {-F | --freshen} [install-options] PACKAGE_FILE...
This will upgrade packages, but only if an earlier version currently exists. The PACKAGE_FILE may be specified as an ftp or http URL, in which case the package will be downloaded before being installed. See FTP/HTTP OPTIONS for information on rpm's internal ftp and http client support.
Installs or upgrades all the missingok files in the package, regardless if they exist.
Used with --relocate, permit relocations on all file paths, not just those OLDPATH's included in the binary package relocation hint(s).
Don't install files whose name begins with OLDPATH.
Don't install any files which are marked as documentation (which includes man pages and texinfo documents).
Same as using --replacepkgs, --replacefiles, and --oldpackage.
Print 50 hash marks as the package archive is unpacked. Use with -v | --verbose for a nicer display.
Don't check mount file systems for sufficient disk space before installing this package.
Allow installation or upgrading even if the architectures of the binary package and host don't match.
Allow installation or upgrading even if the operating systems of the binary package and host don't match.
Install documentation files. This is the default behavior.
Update only the database, not the filesystem.
Don't do a dependency check before installing or upgrading a package.
Don't reorder the packages for an install. The list of packages would normally be reordered to satisfy dependancies.
Don't execute the %pre or %post scriptlet(s).
Don't execute scripts which are triggered by the installation of this package.
Allow an upgrade to replace a newer package with an older one.
Print percentages as files are unpacked from the package archive. This is intended to make rpm easy to run from other tools.
For relocateable binary packages, translate all file paths that start with the installation prefix in the package relocation hint(s) to NEWPATH.
For relocatable binary packages, translate all file paths that start with OLDPATH in the package relocation hint(s) to NEWPATH. This option can be used repeatedly if several OLDPATH's in the package are to be relocated.
Install the packages even if they replace files from other, already installed, packages.
Install the packages even if some of them are already installed on this system.
Do not install the package, simply check for and report potential conflicts.
The general form of an rpm query command is
rpm {-q | --query}
[PACKAGE_NAME] [-a, --all] [-f, --file FILE] [-g, --group GROUP]
[-p, --package URLFILE] [--querybynumber NUMBER] [--triggeredby PACKAGE_NAME] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]
[pkgselect-options] [query-options]
You may specify the format that package information should be printed in. To do this, you use the
{--queryformat | -qf} QUERYFMT
option, followed by the QUERYFMT format string. Query formats are modifed versions of the standard printf(3) formatting. The format is made up of static strings (which may include standard C character escapes for newlines, tabs, and other special characters) and printf(3) type formatters. As rpm already knows the type to print, the type specifier must be omitted however, and replaced by the name of the header tag to be printed, enclosed by {} characters. Tag names are case insesitive, and the RPMTAG_ portion of the tag name may be omitted as well.Alternate output formats may be requested by following the tag with :typetag. Currently, the following types are supported: octal, date, shescape, perms, fflags, and depflags. For example, to print only the names of the packages queried, you could use %{NAME} as the format string. To print the packages name and distribution information in two columns, you could use %-30{NAME}%{DISTRIBUTION}. rpm will print a list of all of the tags it knows about when it is invoked with the --querytags argument.
There are two subsets of options for querying: package selection, and information selection. Package selection options:
Query installed package named PACKAGE_NAME.
Query all installed packages
Query package owning FILE.
Query packages with the group of GROUP.
Query an (uninstalled) package URLFILE. The URLFILE may be specified as an ftp or http style URL, in which case the package header will be downloaded and queried. See FTP/HTTP OPTIONS for information on rpm's internal ftp and http client support. The URLFILE argument(s), if not a binary package, will be interpreted as an ASCII package manifest. Comments are permitted, starting with a '#', and each line of a package manifest file may include white space seperated glob expressions, including URL's with remote glob expressions, that will be expanded to paths that are substituted in place of the package manifest as additional URLFILE arguments to the query.
Query the NUMBERth database entry directly; this is helpful for debugging purposes.
Parse and query SPECFILE as if it were a package. Although not all the information (e.g. file lists) is available, this type of query permits rpm to be used to extract information from spec files without having to write a specfile parser.
Query packages that are triggered by package(s) PACKAGE_NAME.
Query all packages that provide the CAPABILITY capability.
Query all packages that requires CAPABILITY for proper functioning.
Information selection options:
Display change information for the package.
List only configuration files (implies -l).
List only documentation files (implies -l).
Dump file information as follows: path size mtime md5sum mode owner group isconfig isdoc rdev symlink. This must be used with at least one of -l, -c, -d.
This lists all the files in each package.
Display package information, including name, version, and description. This uses the --queryformat if one was specified.
Orders the package listing by install time such that the latest packages are at the top.
List files in package.
List capabilities this package provides.
List packages on which this package depends.
List the package specific scriptlet(s) that are used as part of the installation and uninstallation processes.
Display the states of files in the package (implies -l). The state of each file is one of normal, not installed, or replaced.
Display the trigger scripts, if any, which are contained in the package.
The general form of an rpm verify command is
rpm {--verify | -V} [--nodeps] [--nofiles] [--nomd5] [--noscripts]
[PACKAGE_NAME] [-a, --all] [-f, --file FILE] [-g, --group GROUP]
[-p, --package URLFILE] [--querybynumber NUMBER] [--triggeredby PACKAGE] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]
[pkgselect-options]
Verifying a package compares information about the installed files in the package with information about the files taken from the package metadata stored in the rpm database. Among other things, verifying compares the size, MD5 sum, permissions, type, owner and group of each file. Any discrepencies are displayed. Files that were not installed from the package, for example, documentation files excluded on installation using the "--excludedocs" option, will be silently ignored.
The package selection options are the same as for package querying (including package manifest files as arguments). Other options that can be used only in verify mode are:
Don't verify dependencies.
Don't verify files.
Don't verify file MD5 checksums.
Don't execute the %verifyscript scriptlet (if any).
The format of the output is a string of 8 characters, a possible "c" denoting a configuration file, and then the file name. Each of the 8 characters denotes the result of a comparison of attribute(s) of the file to the value of those attribute(s) recorded in the database. A single "." (period) means the test passed, while a single "?" indicates the test could not be performed (e.g. file permissions prevent reading). Otherwise, the (mnemonically emBoldened) character denotes failure of the corresponding --verify test:
| S file Size differs |
| M Mode differs (includes permissions and file type) |
| 5 MD5 sum differs |
| D Device major/minor number mis-match |
| L readLink(2) path mis-match |
| U User ownership differs |
| G Group ownership differs |
| T mTime differs |
The general form of an rpm signature check command is
rpm --checksig FILE
This checks the PGP signature of package FILE to ensure its integrity and origin. PGP configuration information is read from configuration files. See the section on PGP SIGNATURES for details.
The general form of an rpm erase command is
rpm {-e | --erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--test] PACKAGE_NAME...
Remove all versions of the package which match PACKAGE_NAME. Normally an error is issued if PACKAGE_NAME matches multiple packages.
Don't check dependencies before uninstalling the packages.
Don't execute the %preun, or %postun scriptlet(s).
Don't execute scripts which are triggered by the removal of this package.
Don't really uninstall anything, just go through the motions. Useful in conjunction with the -vv option.
The general form of an rpm build command is
rpm {-bOPT | -tOPT} [build-options] FILE...
The argument used is -b if a spec file is being used to build the package and -t if rpm should look inside of a (possibly compressed) tar file for the spec file to use. After the first argument, the next character (OPT) specifies the stages of building and packaging to be done and is one of:
Executes the "%prep" stage from the spec file. Normally this involves unpacking the sources and applying any patches.
Do a "list check". The "%files" section from the spec file is macro expanded, and checks are made to verify that each file exists.
Do the "%build" stage from the spec file (after doing the %prep stage). This generally involves the equivalent of a "make".
Do the "%install" stage from the spec file (after doing the %prep and %build stages). This generally involves the equivalent of a "make install".
Build a binary package (after doing the %prep, %build, and %install stages).
Build just the source package.
Build binary and source packages (after doing the %prep, %build, and %install stages).
The following options may also be used:
When building a package, override the BuildRoot tag with directory DIRECTORY.
Remove the build tree after the packages are made.
Remove the sources after the build (may also be used standalone, e.g. "rpm --rmsource foo.spec").
Remove the spec file after the build (may also be used standalone, eg. "rpm --rmspec foo.spec").
Skip straight to specified stage (i.e., skip all stages leading up to the specified stage). Only valid with -bc and -bi.
Embed a PGP signature in the package. This signature can be used to verify the integrity and the origin of the package. See the section on PGP SIGNATURES for configuration details.
When building the package, interpret PLATFORM as arch-vendor-os and set the macros %_target, %_target_arch, and %_target_os accordingly.
Do not execute any build stages. Useful for testing out spec files.
There are two other ways to invoke building with rpm:
rpm {--rebuild | --recompile} SOURCEPKG...
When invoked this way, rpm installs the named source package, and does a prep, compile and install. In addition, --rebuild builds a new binary package. When the build has completed, the build directory is removed (as in --clean) and the the sources and spec file for the package are removed.
rpm {--addsign | --resign} PACKAGE_FILE...
The --addsign option generates and inserts new signatures for each package. Any existing signatures will be discarded.
The --resign option generates and appends signatures for the listed packages while preserving the existing signatures.
In order to use the signature feature, rpm must be configured to run PGP and be able to find a public key ring with Red Hat (or other vendor) public keys. By default, rpm uses the same conventions as PGP to find key rings, namely the $PGPPATH environment variable. If your key rings are not located where PGP expects them to be, you will need to configure the macro %_pgp_path to be the location of the PGP key rings to use.
If you want to be able to sign packages you create yourself, you also need to create your own public and secret key pair (see the PGP manual). You will also need to configure the macros
The signature type. Right now only pgp is supported.
The name of the "user" whose key you wish to use to sign your packages.
When building packages you then add --sign to the command line. You will be prompted for your pass phrase, and your package will be built and signed. For example, to be able to use PGP to sign packages as the user >"John Doe (jdoe@foo.com)"> from the key rings located in /etc/rpm/.pgp using the executable /usr/bin/pgp you would include %_signature pgp %_pgp_path /etc/rpm/.pgp %_pgp_name John Doe (jdoe@foo.com) %_pgpbin /usr/bin/pgp in a macro configuration file. Use /etc/rpm/macros for per-system configuration and ~/.rpmmacros for per-user configuration.
The general form of an rpm rebuild database command is
rpm {--initdb | --rebuilddb} [-v] [--dbpath DIRECTORY] [--root DIRECTORY]
Use --initdb to create a new database, use --rebuilddb to rebuild the database indices from the installed package headers.
Running
rpm --showrc
shows the values rpm will use for all of the options that may be set in rpmrc and macros configuration files.
rpm can act as an FTP and/or HTTP client so that packages can be queried or installed from the internet. Package files for install, upgrade, and query operations may be specified as an ftp or http style URL:
ftp://USER:PASSWORD@HOST:PORT/path/to/package.rpm
If the :PASSWORD portion is omitted, the password will be prompted for (once per user/hostname pair). If both the user and password are omitted, anonymous ftp is used. In all cases, passive (PASV) ftp transfers are performed.
rpm allows the following options to be used with ftp URLs:
The host HOST will be used as a proxy server for all ftp transfers, which allows users to ftp through firewall machines which use proxy systems. This option may also be specified by configuring the macro %_ftpproxy.
The TCP PORT number to use for the ftp connection on the proxy ftp server instead of the default port. This option may also be specified by configuring the macro %_ftpport.
rpm allows the following options to be used with http URLs:
The host HOST will be used as a proxy server for all http transfers. This option may also be specified by configuring the macro %_httpproxy.
The TCP PORT number to use for the http connection on the proxy http server instead of the default port. This option may also be specified by configuring the macro %_httpport.