Archives

RPM (REDHAT Package Management)

Mar2

RPM has five basic modes of operation (not including package building)

1.      Installing                      –           i

2.      Upgrading                    –           U

3.      Freshening                   –           F

4.      Uninstalling                 –           e

5.      Querying                      –           q

6.      Verifying                     –           V

7.      Check signature                       –           K

Installing

rpm –i

v                      –           Verbose

h                      –           The package archive is unpacked

–force             –           force

–test                –           install simulate

–nodeps          –           don’t check dependency

Upgrading

rpm –Uvh

–force

–replacepkgs

–replacefiles

–oldpackage

Freshening

rpm –Fvh

Unistalling

rpm –ev

–force

–nodeps

Querying

rpm –q[options]

a        –           query all installed packages

c        –           List only configuration files (-l)

f         –           Query package owning file

d        –           List only documents file (-l)

g        –           Query packages with the group of GROUP

p        –           Package file (to specify the package name

l         –           List

i         –           Display packages information

s         –           Display the states of files (normal, not installed, replaced)

R        –           Requires

–last  –           listing by install time such

–whatprovides

Verifying

rpm –V

a        –           all

p        –           Specify the package

f         –           Specify the file

Check the signature

rpm –Kv

Examples

1.      How to install the rpm package

[root@linux Packages]# rpm -ivh firefox-3.6.24-3.el6_1.x86_64.rpm

warning: firefox-3.6.24-3.el6_1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

Preparing…                ########################################### [100%]

1:firefox                ########################################### [100%]

2.      How uninstall the rpm package

[root@linux yum.repos.d]# rpm -ev firefox

3.      How to check the last installed rpm package with time and date

[root@linux Packages]# rpm -qa –last | head

firefox-3.6.24-3.el6_1                        Sun 16 Sep 2012 07:48:07 PM IST

ftp-0.17-51.1.el6                             Sat 15 Sep 2012 09:21:23 AM IST

ypserv-2.19-22.el6                            Sat 15 Sep 2012 08:16:55 AM IST

tree-1.5.3-2.el6                              Sat 15 Sep 2012 08:11:46 AM IST

words-3.0-17.el6                              Fri 20 Jul 2012 03:02:11 AM IST

man-pages-3.22-17.el6                         Fri 20 Jul 2012 03:02:11 AM IST

zd1211-firmware-1.4-4.el6                     Fri 20 Jul 2012 03:02:06 AM IST

xorg-x11-drv-ati-firmware-6.14.2-7.el6        Fri 20 Jul 2012 03:02:06 AM IST

rt73usb-firmware-1.8-7.el6                    Fri 20 Jul 2012 03:02:06 AM IST

rt61pci-firmware-1.2-7.el6                    Fri 20 Jul 2012 03:02:06 AM IST

4.      How to reinstall the package

[root@linux Packages]# rpm -Uvh firefox-3.6.24-3.el6_1.x86_64.rpm

warning: firefox-3.6.24-3.el6_1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

Preparing…                ########################################### [100%]

package firefox-3.6.24-3.el6_1.x86_64 is already installed

[root@linux Packages]# rpm -Uvh –replacepkgs firefox-3.6.24-3.el6_1.x86_64.rpm

warning: firefox-3.6.24-3.el6_1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

Preparing…                ########################################### [100%]

1:firefox                ########################################### [100%]

5.      Which rpm package does file belong to?

[root@linux Packages]# rpm -qf /etc/vsftpd/vsftpd.conf

vsftpd-2.2.2-6.el6_0.1.x86_64

6.      Locate documentation of a package that owns file using rpm –qdf and rpm -qdp

[root@linux Packages]# rpm -qdp firefox-3.6.24-3.el6_1.x86_64.rpm

warning: firefox-3.6.24-3.el6_1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

/usr/lib64/firefox-3.6/LICENSE

/usr/lib64/firefox-3.6/README.txt

/usr/share/man/man1/firefox.1.gz

[root@linux Packages]# rpm -qdf /usr/bin/createrepo

/usr/share/doc/createrepo-0.9.8/COPYING

/usr/share/doc/createrepo-0.9.8/ChangeLog

/usr/share/doc/createrepo-0.9.8/README

/usr/share/man/man1/mergerepo.1.gz

/usr/share/man/man1/modifyrepo.1.gz

/usr/share/man/man8/createrepo.8.gz

7.       How to check the configuration files

[root@linux Packages]# rpm -Kv vsftpd-2.2.2-6.el6_0.1.x86_64.rpm

vsftpd-2.2.2-6.el6_0.1.x86_64.rpm:

Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

Header SHA1 digest: OK (8005076799a57ab5c13045b5dd0c2aa890c8ac03)

V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

MD5 digest: OK (25e1511c9e217d9d345dd2fb5f92503d)

8.      Information about installed RPM package using rpm –qi, rpm –qip, rpm –qfi

[root@linux ~]# rpm -qi vsftpd

Name        : vsftpd                       Relocations: (not relocatable)

Version     : 2.2.2                             Vendor: Red Hat, Inc.

Release     : 6.el6_0.1                     Build Date: Fri 04 Mar 2011 03:35:10 PM IST

Install Date: Thu 19 Jul 2012 09:58:04 PM IST      Build Host: hs20-bc2-3.build.redhat.com

Group       : System Environment/Daemons    Source RPM: vsftpd-2.2.2-6.el6_0.1.src.rpm

Size        : 338480                           License: GPLv2 with exceptions

Signature   : RSA/8, Wed 09 Mar 2011 07:39:28 PM IST, Key ID 199e2f91fd431d51

Packager    : Red Hat, Inc.

URL         : http://vsftpd.beasts.org/

Summary     : Very Secure Ftp Daemon

Description :

vsftpd is a Very Secure FTP daemon. It was written completely from

scratch.

[root@linux ~]# cd /var/ftp/pub/rhel6.2/Packages/

[root@linux Packages]# rpm -qip vsftpd-2.2.2-6.el6_0.1.x86_64.rpm

warning: vsftpd-2.2.2-6.el6_0.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

Name        : vsftpd                       Relocations: (not relocatable)

Version     : 2.2.2                             Vendor: Red Hat, Inc.

Release     : 6.el6_0.1                     Build Date: Fri 04 Mar 2011 03:35:10 PM IST

Install Date: (not installed)               Build Host: hs20-bc2-3.build.redhat.com

Group       : System Environment/Daemons    Source RPM: vsftpd-2.2.2-6.el6_0.1.src.rpm

Size        : 338480                           License: GPLv2 with exceptions

Signature   : RSA/8, Wed 09 Mar 2011 07:39:28 PM IST, Key ID 199e2f91fd431d51

Packager    : Red Hat, Inc.

URL         : http://vsftpd.beasts.org/

Summary     : Very Secure Ftp Daemon

Description :

vsftpd is a Very Secure FTP daemon. It was written completely from

scratch.

9.      Verify a particular RPM package using rpm –Vp

[root@linux Packages]# rpm -Vp firefox-3.6.24-3.el6_1.x86_64.rpm

warning: firefox-3.6.24-3.el6_1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

10.  How to check the signature

[root@linux Packages]# rpm -Kv vsftpd-2.2.2-6.el6_0.1.x86_64.rpm

vsftpd-2.2.2-6.el6_0.1.x86_64.rpm:

Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

Header SHA1 digest: OK (8005076799a57ab5c13045b5dd0c2aa890c8ac03)

V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

MD5 digest: OK (25e1511c9e217d9d345dd2fb5f92503d)

11.  How to check the dependency rpm

[root@linux Packages]# rpm -qRp createrepo-0.9.8-4.el6.noarch.rpm

warning: createrepo-0.9.8-4.el6.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY

/bin/sh

/usr/bin/env

/usr/bin/python

deltarpm

libxml2-python

python >= 2.1

python(abi) = 2.6

python-deltarpm

rpm >= 4.1.1

rpm-python

rpmlib(CompressedFileNames) <= 3.0.4-1

rpmlib(FileDigests) <= 4.6.0-1

rpmlib(PartialHardlinkSets) <= 4.0.4-1

rpmlib(PayloadFilesHavePrefix) <= 4.0-1

yum >= 3.2.23-10

yum-metadata-parser

rpmlib(PayloadIsXz) <= 5.2-1

Review Questions

1. What two commands are used for package management?

2. What are the three modes in which the rpm command can operate?

3. What option would you use to query an installed package using the rpm

command?

4. How would you install a group of packages all at a single time?

5. What options with the yum command would you use to remove a package?

6. Where are Yum repository config files located?

7. What command can you use to create your own repositories?

8. What command is used to create an RPM package?

9. What are the five required directories when building RPMS?

10. If a package is built on an RHEL6 system and deployed to a custom RHEL5

repository, are RHEL5 systems able to use it?

Answers to Review Questions

1. The yum and rpm commands are used for package management.

2. The rpm command can operate in install, query, or verify modes.

3. You can use the -q option to query an installed package. Combining grep and

the -qa options, you can search among all installed packages on the system.

4. Use the yum groupinstall command to install multiple packages in a single

group at once.

5. You can use the remove or erase options with yum to remove a package.

6. Yum repository config files (.repo files) are located in the /etc/yum.repos.d directory.

You can also make direct entries into the main /etc/yum.conf file.

7. createrepo

8. rpmbuild

9. The five directories are BUILD, RPMS, SOURCES, SPECS, and SRPMS.

10. No. Red Hat Enterprise Linux 6 uses a different key to sign its packages.

YUM Server and Client Configuration in RHEL 6

Mar2

Server configuration steps
 
Yum server IP = 192.168.1.100
Yum server hostname = linux.example.com
Should be flush the iptables and restart the network service

iptables -L

iptables -F

service iptables save

service iptables restart

service network restart

Step 1: Insert the RHEL 6 CD

[root@server Desktop]# cd /media/RHEL_6.1\ x86_64\ Disc\ 1/Packages/

Yum server required packages

 

[root@server Packages]# rpm -ivh vsftpd*

[root@server Packages]# rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm

[root@server Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm

[root@server Packages]# rpm -ivh createrepo-0.9.8-4.el6.noarch.rpm

Step 2: Check the installed packages

[root@server1 Desktop]# rpm -qa vsftp*
vsftpd-2.2.2-6.el6_0.1.x86_64
[root@server1 Desktop]# rpm -qa deltarpm*
deltarpm-3.5-0.5.20090913git.el6.x86_64
[root@server1 Desktop]# rpm -qa python-deltarpm*
python-deltarpm-3.5-0.5.20090913git.el6.x86_64
[root@server1 Desktop]# rpm -qa createrepo*
createrepo-0.9.8-4.el6.noarch

Step 3 : FTP service start

 

[root@server Packages]# service vsftpd status

[root@server Packages]# service vsftpd start

[root@server Packages]# service vsftpd status

[root@server Packages]# chkconfig vsftpd on

Step 4: Copy the rhel6 dvd content

[root@server Packages]# cd

[root@server ~]# cp -rf /media/RHEL_6.1\ x86_64\ Disc\ 1/       /var/ftp/pub/

[root@server ~]# cd /var/ftp/pub/

[root@server pub]# ls

RHEL_6.1 x86_64 Disc 1

[root@server pub]# mv RHEL_6.1\ x86_64\ Disc\ 1/ rhel6.1

[root@server pub]# ls

rhel6.1

Step 5: Single mode installation createrepo

[root@server ~]# createrepo -v /var/ftp/pub/

[root@server ~]# cd /var/ftp/pub/

[root@server pub]# ls

repodata  rhel6.1

Step 6: Group installation createrepo

[root@server repodata]# cp –rf /var/ftp/pub/rhel6.1/repodata/5819e9580b5a81a9eec9e2c6e91fc9992a7ccadaa3bcd5ecb2e87a8669eefcec-comps-rhel6-Server.xml      /var/ftp/pub/repodata/

[root@server ~]# createrepo -g /var/ftp/pub/repodata/5819e9580b5a81a9eec9e2c6e91fc9992a7ccadaa3bcd5ecb2e87a8669eefcec-comps-rhel6-Server.xml /var/ftp/pub/

The above command creates the support files necessary for our yum repository and all supported files will be placed into repodata subdirectory. The createrepo command will create following files:

1.      repod.xml: This file keeps information about timestamps and checksum values for below three files

2.      primary.xml.gz: This file keeps list of the all the RPMs in the repository and dependency information.

3.      filelists.xml.gz: This file keeps a list of all the files in all the RPMs.

4.      other.xml.gz: This file contains additional information, including the changes logs for the RPMs.

5.      comps*.xml: This file keeps information about packages groups. This allows group installation.

If we add new rpms to the database, we will need to repeat the above command and this will create rpms group database with createrepo command.

Before, we re-run createrepo command to update the yum database, we need to create backup of comps*.xml file. This file can be backed up anywhere on the system, however, in this case We are backing up this file in /tmp folder. That can be done with following:

#cd   /var/ftp/pub/Packages/repodata

#cp   *comps*   /tmp/

Now, the file has been backed up, we will start updating the database. We will rebuild the yum repository with createrepo command. And then, we will update comps*.xml file for package group database.

#createrepo    /var/ftp/pub/Packages/

#createrepo -g  /tmp/*comps*   /var/ftp/pub/Packages/

 

Step 7 : Create the repo file.

[root@server ~]# vim /etc/yum.repos.d/server.repo

[server]

name=rhel6.1 yum server 64bit

baseurl=file:///var/ftp/pub

enabled=1

gpgcheck=0

gpgcheck This field tells yum server to check for packages signatures for its originality. 1 for “Yes” and 0 for “No”.

gpgkey  if you choose 1 or “Yes” for gpgcheck then you need to specify key to check signatures of the packages.

enabled Either ‘1’ or ‘0’. This tells YUM whether or not to use this repository.

[root@server ~]# yum clean all

[root@server ~]# yum makecache

[root@server ~]# yum list all

[root@server ~]# yum grouplist

—————————————————————————————————————————-

Yum client repo configuring

Yum client IP = 192.168.1.101

Yum client hostname = client1.example.com

[root@client~]# vim /etc/yum.repos.d/client.repo

[client]

name=rhel6.1 yum client 64bit

baseurl=ftp://192.168.1.100/pub

enabled=1

gpgcheck=0

 

[root@client~]# yum clean all

[root@server ~]# yum makecahe

[root@client~]# yum list all

[root@server ~]# yum grouplist

Patch Management in Linux using YUM

Mar2

Pre-requisites:

Installation of Red Hat Enterprise Linux 5.
Premium/Standard License for RHEL 5 32-bit or 64-bit servers (Note: RHEL 32-bit YUM Server will let    you apply patches on RHEL 32-bit OS. For 64-bit OS, you required YUM Server on RHEL 64-bit).
Createrepo,  yum-downloadonly, httpd packages to be installed on the server.
Installation and configuration of apache web server.
Copying the rpm’s from RHEL CD to the defined DocumentRoot Path mentioned in httpd configuration file.

Installation and Configuration of YUM Server:

Step 1: Creating a Repository using apache.

Installation of apache web server.
# rpm –ivh httpd

Modify httpd configuration file as mentioned below.
# vi /etc/httpd/conf/httpd.conf

ServerAdmin root@192.168.0.5
ServerName 192.168.0.5:80
DocumentRoot “/var/www/html”

Create folders as mentioned below.
# cd /var/www/html
# mkdir Server
# mkdir VT
# mkdir images

Copy all RHEL 5 RPM’s from CD to the Server, VT & images folders on the server.

Step 2: Create Database of RPM’s

Run createrepo command to create database of the rpm’s.
# cd /var/www/html/Server
# createrepo .
# cd /var/www/html/VT
# createrepo .
# cd /var/www/html/images
# createrepo .

Create group of RPM’s for installing group of packages.
# createrepo -g /var/www/html/Server/repodata/comps-rhel5-server-core.xml
# createrepo -g /var/www/html/VT/repodata/comps-rhel5-VT-core.xml

Step 3: Register your YUM Server with Red hat Network.

Ensure that the following entries have been added in host file and the URLs are accessible from the server.
# vi /etc/hosts
209.132.183.44  xmlrpc.rhn.redhat.com
209.132.183.43  satellite.rhn.redhat.com
209.132.183.42  rhn.redhat.com
Run rhn_register command and follow the instructions as printed on screen, create a system profile. (Note: You should have a valid subscription key)
De-select Location aware updates from RHN website of the registered machine. (Note: You should have a valid RHN login id.)

Yum is commonly used in major RPM based Linux distributions such as CentOS  and Redhat, it can help us perform automatic dependency checking. If you’d like to only download the RPM packages via yum and do not install/update them, it’s nearly impossible by default.

How can we download a RPM package using YUM? Generally, there are two ways, you can use either yum-downloadonly or yum-utils. 1, yum-downloadonly installation and usage example You just need to install a plugin called yum-downloadonly. This plugin supplies a new parameter called –downloadonly so that yum can download the package s without an further installation/upgrade. It’s much like apt-get‘s -d option in Ubuntu/Debian:

$ yum --help| grep download
Loaded plugins: downloadonly, fastestmirror
  --downloadonly        don't update, just download
  --downloaddir=DLDIR   specifies an alternate directory to store package
A further question is How can I install the download-only plugin for Yum? It’s as simple as a normal install, you just need to run:
yum install yum-downloadonly

Step 4: Download required updates & hot fixes from Red hat

Run below command to download RPM’s to configured repository.
# yum update -y –downloadonly –downloaddir=/var/www/html/Server/

2.yum-utils.noarch installation and usage example

Yum-utils is a collection of utilities and plugins extending and supplementing yum in different ways, and all the utilities are contained in yum-utils package, including the one that we need which is called yumdownloader.

# yum -y install yum-utils.noarch

Now we can use the yumdownloader command to download packages from yum repositories. Here’s an example:

# yumdownloader httpd

Re-run below command after downloading any new packages into repository.
# cd /var/www/html/Server
# createrepo –update .

Note : If any patch is released, First download it via download command as mentioned in step 4 and then only install on YUM Server using yum update command. Else, you won’t be able to download same patch again.

Configuration of YUM Client:

Step 1: Creation of Repo file for pointing the client to server for updates.
# vi /etc/yum.repos.d/Server.repo
[rhel-i386-server-5]
name=rhel-i386-server-5
baseurl=http://192.168.0.5/Server
enabled=1
gpgcheck=0

[rhel-i386-server-vt-5]
name=rhel-i386-server-vt-5
baseurl=http://192.168.0.5/VT
enabled=1
gpgcheck=0

Step 2: Configure Mail alerts for pending patches on client.
Note: You have to enable SMTP relay on the server.
# yum check-update | mailx -s “PATCHES PENDING on $HOSTNAME” abc@tcs.com

Step 3: Run Yum update command on quarterly basis to make your system up2date with latest patches and hot fixes.
# yum update

Note: Before updating the system, have a proper backup for the same.

Rollback Package updates/Installation on YUM Server and Client:

Step 1: To configure yum to save rollback information, add the line tsflags=repackage to /etc/yum.conf.

Step 2: To configure command-line rpm to do the same thing, add the line %_repackage_all_erasures 1 to /etc/rpm/macros. If /etc/rpm/macros. Does not exist, just create it.

Step 3: You can now install, erase and update packages with yum and/or rpm, and they will save roll back information.

Step 4: When you want to roll back, use rpm to do so.
You do this by specifying the –rollback switch and a date/time, like the examples below:
rpm -Uhv –rollback ’19:00′
rpm -Uhv –rollback ‘8 hours ago’
rpm -Uhv –rollback ‘december 31’
rpm -Uhv –rollback ‘yesterday’