rpm 中文man页面

NAME

rpm - RPM 软件包管理器  

SYNOPSIS

查询和校验软件包：

rpm {-q|--query} [select-options] [query-options]

rpm {-V|--verify} [select-options] [verify-options]

rpm --import PUBKEY ...

rpm {-K|--checksig} [--nosignature] [--nodigest]
    PACKAGE_FILE ...

安装，升级和卸载软件包：

rpm {-i|--install} [install-options] PACKAGE_FILE ...

rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts]
    [--notriggers] [--repackage] [--test] PACKAGE_NAME ...

其他：

rpm {--initdb|--rebuilddb}

rpm {--addsign|--resign} PACKAGE_FILE ...

rpm {--querytags|--showrc}

rpm {--setperms|--setugids} PACKAGE_NAME ...

选择选项

 [PACKAGE_NAME] [-a,--all] [-f,--file FILE]
 [-g,--group GROUP] {-p,--package PACKAGE_FILE]
 [--fileid MD5] [--hdrid SHA1] [--pkgid MD5] [--tid TID]
 [--querybynumber HDRNUM] [--triggeredby PACKAGE_NAME]
 [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]

查询选项

 [--changelog] [-c,--configfiles] [-d,--docfiles] [--dump]
 [--filesbypkg] [-i,--info] [--last] [-l,--list]
 [--provides] [--qf,--queryformat QUERYFMT]
 [-R,--requires] [--scripts] [-s,--state]
 [--triggers,--triggerscripts]

校验选项

 [--nodeps] [--nofiles] [--noscripts]
 [--nodigest] [--nosignature]
 [--nolinkto] [--nomd5] [--nosize] [--nouser]
 [--nogroup] [--nomtime] [--nomode] [--nordev]

安装选项

 [--aid] [--allfiles] [--badreloc] [--excludepath OLDPATH]
 [--excludedocs] [--force] [-h,--hash]
 [--ignoresize] [--ignorearch] [--ignoreos]
 [--includedocs] [--justdb] [--nodeps]
 [--nodigest] [--nosignature] [--nosuggest]
 [--noorder] [--noscripts] [--notriggers]
 [--oldpackage] [--percent] [--prefix NEWPATH]
 [--relocate OLDPATH=NEWPATH]
 [--repackage] [--replacefiles] [--replacepkgs]
 [--test]

DESCRIPTION

rpm 是一个强大的 软件包管理器，可以用来构建，安装，查询，校验，升级和卸载单独的软件打包。一个 打包 包括文件的归档，以及用来安装和卸载归档文件的元信息。元信息包括辅助脚本，文件属性以及打包的描述性信息。打包 有两种，二进制打包，用来封装要安装的软件；源代码打包，包含源代码以及为生成二进制打包，必要的文件。

必须选择下列模式之一： Query 查询, Verify 校验, Signature Check 检查签名, Install/Upgrade/Freshen 安装/升级/更新, Uninstall 卸载, Initialize Database 初始化数据库, Rebuild Database 重构数据库, Resign 重签名, Add Signature 添加签名, Set Owners/Groups 设置属主, Show Querytags 显示查询标记, 以及 Show Configuration 显示配置.  

一般选项

这些选项可以用在所有不同的模式中。

-?, --help

输出更长的帮助信息。

--version

输出一行信息，包括使用的 rpm 的版本号。

--quiet

输出尽可能少的信息 - 通常只有错误会显示。

-v

输出冗余信息 - 通常，常规的进度信息将显示。

-vv

输出大量丑陋的调试信息。

--rcfile FILELIST

FILELIST 中冒号分隔的每个文件名都被 rpm 按顺序读取，从中获得配置信息。只有列表的第一个文件必须存在，波浪线将被替换为 $HOME。默认的 FILELIST 是 /usr/lib/rpm/rpmrc:/usr/lib/rpm/redhat/rpmrc:/etc/rpmrc:~/.rpmrc

--pipe CMD

将 rpm 的输出通过管道送到命令 CMD。

--dbpath DIRECTORY

使用 DIRECTORY 中的数据库，而不是默认的路径 /var/lib/rpm

--root DIRECTORY

以 DIRECTORY 作为根文件系统，进行所有操作。这意味着将使用 DIRECTORY 中的数据库来进行依赖性检测，任何小程序 (也就是安装中的 %post 和构建中的 %prep) 都将在一个 chroot(2) 到 DIRECTORY 之后执行。

安装和升级选项

安装命令的一般形式是

rpm {-i|--install} [install-options] PACKAGE_FILE ...

这样安装了一个新软件包。

升级命令的一般形式是

rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

这样安装或升级已安装的软件包到新版本。它与安装类似，只是所有其他版本的打包在新软件包安装后都将移除。

rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

仅当系统中存在更早的版本时，这样会升级软件包。PACKAGE_FILE 必须指定为 ftp 或 http URL，这样软件包可以在安装之前去下载。参见 FTP/HTTP OPTIONS 中有关 rpm 的内嵌 ftp 和 http 客户端支持。

--aid

需要时将建议的软件包加入事务集。

--allfiles

安装或升级软件包中所有 missingok 文件，哪怕它们已经存在。

--badreloc

与 --relocate 搭配使用，允许所有文件的重定位，而不仅仅是在二进制打包中，重定位提示包含的那些 OLDPATH。

--excludepath OLDPATH

不安装名称以 OLDPATH 开始的文件。

--excludedocs

不安装任何标记为文档的文件 (包括手册页和 texinfo)。

--force

与使用 --replacepkgs, --replacefiles, 以及 --oldpackage 相同。

-h, --hash

在打包被解压时，输出 50 个 hash 符号 (#)，用来与 -v|--verbose 配合，得到漂亮一点的输出。

--ignoresize

安装前不检测已挂载文件系统的空闲空间。

--ignorearch

允许安装或升级，即使二进制打包的体系结构与主机不匹配。

--ignoreos

允许安装或升级，即使二进制打包的操作系统与主机不匹配。

--includedocs

安装文档文件。这是默认的行为。

--justdb

只更新数据库，不更新文件系统。

--nodigest

读取时不校验打包或头部校验。

--nosignature

读取时不校验打包或头部签名。

--nodeps

在安装或升级前，不进行依赖性检测。

--nosuggest

不建议提供了所需依赖关系的软件包。

--noorder

不为安装重排序。通常软件包列表会被重排序，以满足依赖性关系。

--noscripts

--nopre

--nopost

--nopreun

--nopostun

不执行对应的小程序。--noscripts 选项与

--nopre --nopost --nopreun --nopostun

等价，将 %pre, %post, %preun, 和 %postun 小程序全部关闭。

--notriggers

--notriggerin

--notriggerun

--notriggerpostun

不执行任何对应的触发小程序。--notriggers 选项与

--notriggerin --notriggerun --notriggerpostun

等价，将 %triggerin, %triggerun, 和 %triggerpostun 小程序全部关闭。

--oldpackage

允许用旧软件包替换一个新软件包。

--percent

打印从软件包中解压文件的百分比。这是为了使 rpm 在其他工具中运行时简单一些。

--prefix NEWPATH

对于可重定位的包，将以软件包重定位提示的安装前缀开始的所有文件路径转换为以 NEWPATH 开始。

--relocate OLDPATH=NEWPATH

对于克重定位的二进制打包，将软件包重定位提示中，以 OLDPATH 开始的文件路径转换为以 NEWPATH 开始。这一选项可以使用多次，如果软件包中多个 OLDPATH 要重定位的话。

--repackage

在卸载前重新打包文件。过去安装的打包将根据宏 %_repackage_name_fmt 命名，将创建于宏 %_repackage_dir 指定的目录中 (默认值是 /var/spool/repackage)。

--replacefiles

安装软件包，即使他们替换了其他已安装的软件包的文件。

--replacepkgs

安装软件包，即使其中有些软件包已经被安装到了系统中。

--test

不安装软件包，仅仅检测并报告可能的冲突。

卸载选项

卸载命令的一般形式是

rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--repackage] [--test] PACKAGE_NAME ...

同时还可以用下列选项：

--allmatches

删除匹配 PACKAGE_NAME 的软件包的所有版本。通常情况下，如果 PACKAGE_NAME 匹配多个软件包将导致错误。

--nodeps

在卸载前不检测依赖关系。

--noscripts

--nopreun

--nopostun

不执行相应的小程序。--noscripts 选项在卸载过程中等价于

--nopreun --nopostun

将 %preun, 和 %postun 小程序的执行关闭。

--notriggers

--notriggerun

--notriggerpostun

不执行相应的触发小程序。--notriggers 选项等价于

--notriggerun --notriggerpostun

将 %triggerun, 和 %triggerpostun 小程序的执行关闭。

--repackage

卸载前重新打包文件。过去安装的软件包将根据宏 %_repackage_name_fmt 命名，存放到宏 %_repackage_dir 定义的目录中 (默认值是 /var/spool/repackage)。

--test

不真正卸载任何东西，仅仅尝试它们。与 -vv 选项联合使用，在调试时很有用。

查询选项

查询命令的一般形式是

rpm {-q|--query} [select-options] [query-options]

可以指定输出时软件包信息的格式。为此，使用选项

 --qf|--queryformat QUERYFMT

附带 QUERYFMT 格式化字符串。查询命令是标准的 printf(3) 格式的修改版本。格式包括静态字符串 (可能包括标准的 C 转义字符，新行符，跳格以及其他特殊字符) 以及 printf(3) 类型标记。由于 rpm 已知输出类型，因此应当忽略类型标记，使用头部字段名来代替，包含在 {} 中。字段名是大小写不敏感的，起始的 RPMTAG_ 部分可以被忽略。

可选的输出格式是用 :typetag 表示。当前，支持的类型有：

:armor

将公钥以 ASCII 包装。

:base64

以 base64 编码二进制数据。

:date

使用 strftime(3) "%c" 格式。

:day

使用 strftime(3) "%a %b %d %Y" 格式。

:depflags

格式化依赖性标志。

:fflags

格式化文件标志。

:hex

以十六进制格式化。

:octal

以八进制格式化。

:perms

格式化文件权限。

:shescape

转义单引号，用于脚本。

:triggertype

显示触发的后缀。

例如，要只输出所查询的软件包的名称，可以使用 %{NAME} 作为格式化字符串。要分两列输出软件包名称和发行版信息，可以用 %-30{NAME}%{DISTRIBUTION}。如果执行时使用 --querytags 参数，rpm 将输出它已知的所有标记列表。

查询的选项有两个子集：软件包选择和信息选择。  

软件包选择选项：

PACKAGE_NAME

查询名称为 PACKAGE_NAME 的已安装软件包。

-a, --all

查询所有已安装软件包。

-f, --file FILE

查询包含 FILE 的软件包。

--fileid MD5

查询包含给定文件描述字的软件包，例如，文件内容的 MD5 校验和。

-g, --group GROUP

查询属主为 GROUP 的软件包。

--hdrid SHA1

查询包含给定头部描述字的软件包，例如，不可变头部区域的 SHA1 校验和。

-p, --package PACKAGE_FILE

查询 (未安装的) 软件包 PACKAGE_FILE。这个文件可以指定为一个 ftp 或 http 样式的 URL，这时软件包头部将被下载并查询。参见 FTP/HTTP OPTIONS 中有关 rpm 的内部 ftp 和 http 客户端支持信息。参数 PACKAGE_FILE 如果不是一个二进制文件，将被解释为一个 ASCII 软件包说明。其中可以有以 '#' 开始的注释，其他的每行都可以包含以空格分隔的匹配表达式，如果是远程的地址，也包括 URL。这些将被扩展为路径，替换 manifest 参数的位置，作为 PACKAGE_FILE 参数的附加查询内容。

--pkgid MD5

查询含有给定软件包描述字的软件包，例如，包的头部以及有效内容的 MD5 校验和。

--querybynumber HDRNUM

直接查询第 HDRNUM 个数据库入口；这只在调试时有用。

--specfile SPECFILE

解释并查询 SPECFILE，就好像它是一个软件包。尽管并非所有信息都可获得，但这种查询允许 rpm 从 spec 文件中抽取信息，而不必写一个解释器。

--tid TID

查询包含给定 TID 事务描述字的软件包。当前使用 unix 时间戳作为事务描述字。任何在一次事务中安装或卸载的软件包拥有相同的描述字。

--triggeredby PACKAGE_NAME

查询被软件包 PACKAGE_NAME 触发的软件包。

--whatprovides CAPABILITY

查询提供了 CAPABILITY 能力的软件包。

--whatrequires CAPABILITY

查询所有需要 CAPABILITY 才能运作的软件包。

软件包查询选项：

--changelog

显示软件包的修改信息。

-c, --configfiles

只显示配置文件 (暗含了 -l).

-d, --docfiles

只显示文档文件 (暗含了 -l).

--dump

转储文件信息：

path size mtime md5sum mode owner group isconfig isdoc rdev symlink
        

这个选项必须与至少下列之一联合使用 -l, -c, -d.

--filesbypkg

列出所选每个软件包中的文件。

-i, --info

显示软件包信息，包括名称，版本，描述。如果指定了 --queryformat 就使用它。

--last

列出软件包时，以安装时间排序，最新的在上面。

-l, --list

列出软件包中的文件。

--provides

列出软件包提供的特性。

-R, --requires

列出软件包依赖的其他软件包。

--scripts

列出软件包自定义的小程序，他们是安装和卸载等等过程的一部分。

-s, --state

显示软件包中文件的状态 states (暗含了 -l)。每个文件的状态是 normal, not installed, 或 replaced 其中之一。

--triggers, --triggerscripts

显示软件包中包含的触发脚本，如果有的话。

校验选项

校验命令的一般形式是

rpm {-V|--verify} [select-options] [verify-options]

校验软件包，是将已安装的文件的信息，与从软件包中获取的保存在 rpm 数据库中的有关文件的元数据进行比较。校验比较的内容有每个文件的大小，MD5 校验和，许可，类型，属主。任何不对的地方都回显示出来。如果软件包中文件未安装，例如在安装过程中使用 "--excludedocs" 选项跳过的文档，将被跳过。

软件包选择选项与软件包查询是相同的 (包括以说明文件作为参数)。其他独有的选项包括：

--nodeps

不校验软件包的依赖关系。

--nodigest

读取时不校验软件包或头部校验。

--nofiles

不校验文件的任何属性。

--noscripts

不执行 %verifyscript 小程序，如果有的话。

--nosignature

读取时不校验软件包或头部签名。

--nolinkto

--nomd5

--nosize

--nouser

--nogroup

--nomtime

--nomode

--nordev

不校验相应的文件属性。

输出是 8 个字符的字符串，可能的属性标记为：

c %config 配置文件
d %doc 文档
g %ghost 占位文档 (就是说，文件内容不包含在软件包有效内容里面)
l %license 许可文件
r %readme 说明文件

从头部开始，接下来是文件名，每 8 个字符表示将文件属性与数据库中记录的值进行一次比较的结果。一个单独的 "." (句点) 表示测试通过了，而一个单独的 "?" (问号) 表示测试可能无法进行 (例如，文件许可禁止了读权限)。最后，加重的字母表示相应的 --verify 测试失败了。

S file Size 大小不一致
M Mode 模式不一致 (包括许可和文件类型)
5 MD5 sum 校验和不一致
D Device 主从设备号不匹配
L readLink(2) 路径不匹配
U User 属主不一致
G Group 组属主不一致
T mTime 时间不一致

数字签名和校验

数字签名命令的一般形式是

rpm --import PUBKEY ...

rpm {--checksig} [--nosignature] [--nodigest]
    PACKAGE_FILE ...

选项 --checksig 用来检测 PACKAGE_FILE 中所有的签名和摘要，保证打包的完整性和来源。注意在读取打包时总会检测签名，而 --checksig 在校验与某个打包关联的所有签名和摘要时有用。

没有公钥就无法校验数字签名。可以用 --import 来向 rpm 数据库添加 ASCII 文本化的公钥。每个导入的公钥都有一个头部，钥匙环的管理与软件包管理完全类似。例如，要显示所有已导入的公钥，使用：

rpm -qa gpg-pubkey*

已导入的公钥的细节，可以查询并显示。下面是有关 Redhat GPG/DSA 公钥的信息：

rpm -qi gpg-pubkey-db42a60e

最后，已导入的公钥可以像软件包一样被删除。下面是如何卸载 Redhat GPG/DSA 公钥：

rpm -e gpg-pubkey-db42a60e  

签署软件包

rpm --addsign|--resign PACKAGE_FILE ...

选项 --addsign 与 --resign 都可以为每个软件包 PACKAGE_FILE 生成并插入新的签名，替换任何已有的签名。存在两个选项，是由于历史的原因，现在它们的行为没有区别。  

使用 GPG 来签署软件包

为使用 GPG 来签署软件包，必须配置 rpm 运行 GPG，并且要能找到包含合适密钥的钥匙环。默认情况下，rpm 使用与 GPG 相同的约定来查找钥匙环，也就是 $GNUPGHOME 环境变量。如果你的钥匙环不在 GPG 要求的位置，就必须配置宏 %_gpg_path 为要使用的 GPG 钥匙环的位置。

为了与老版本的 GPG, PGP 和 rpm 兼容，只应配置 V3 OpenPGP 签名的打包。可以使用 DSA 或者 RSA 校验算法，但是推荐用 DSA。

如果想签署自己创建的打包，还需要创建自己的公钥和私钥对 (参见 GPG 手册)。还需要配置 rpm 宏：

%_signature

签名类型。当前只支持 gpg 和 pgp。

%_gpg_name

用来签署打包的密钥的所有者 "用户" 的名称

例如，要使用 GPG 来签署打包，用户是 "John Doe <jdoe@foo.com>"，钥匙环位置在 /etc/rpm/.gpg，使用可执行文件 /usr/bin/gpg，可以将这一段

%_signature gpg
%_gpg_path /etc/rpm/.gpg
%_gpg_name John Doe <jdoe@foo.com>
%_gpgbin /usr/bin/gpg

包含在宏配置文件中。对于系统范围的设置，使用 /etc/rpm/macros，对于个人设置，使用 ~/.rpmmacros。  

重建数据库选项

重建数据库的命令的一般形式是

rpm {--initdb|--rebuilddb} [-v] [--dbpath DIRECTORY] [--root DIRECTORY]

使用 --initdb 来创建新的数据库，使用 --rebuilddb 来重建数据库索引，根据已安装的软件包头部。  

显示配置

命令

rpm --showrc

将显示 rpm 使用的，在 rpmrc 和 macros 配置文件中定义的选项的值。  

FTP/HTTP 选项

rpm 可以作为一个 FTP 和/或 HTTP 客户端，可以查询或安装互联网上的软件包包。要安装、升级和查询的软件包文件可以以 ftp 或 http 样式的 URL 指定：

ftp://USER:PASSWORD@HOST:PORT/path/to/package.rpm

如果忽略了 :PASSWORD 选项，将提示密码，每个用户名/主机组合提示一次。如果忽略了用户名和密码，将使用匿名 ftp。在所有情况下，都会使用被动 ftp (PSAV)。

rpm 允许在使用 ftp URL 时使用下面的选项：

--ftpproxy HOST

使用主机 HOST 作为所有 ftp 传输的代理服务器，允许用户通过代理系统防火墙访问 ftp。这个选项也可以用宏 %_ftpproxy 指定。

--ftpport PORT

连接到 ftp 代理服务器的 TCP PORT 端口，而不是默认的端口。这个选项也可以用宏 %_ftpport 指定。

rpm 允许在使用 http URL 时使用下面的选项：

--httpproxy HOST

使用主机 HOST 作为所有 http 传输的代理服务器，允许用户通过代理系统防火墙访问 http。这个选项也可以用宏 %_httpproxy 指定。

--httpport PORT

连接到 http 代理服务器的 TCP PORT 端口，而不是默认的端口。这个选项也可以用宏 %_httpport 指定。

LEGACY ISSUES

执行 rpmbuild

rpm 的构建模式，现在由 /usr/bin/rpmbuild 命令完成。尽管使用下面的 popt 别名提供的兼容性已经够用，但是不够完美；因此通过 popt 别名提供的构建兼容性将从 rpm 中移除。安装 rpmbuild 软件包，参见 rpmbuild(8) 中，有关过去记录在 rpm(8) 中的，rpm 构建模式的文档。

将下面的这些添加到 /etc/popt 中，如果想使用 rpm 命令行运行 rpmbuild的话：

rpm     exec --bp               rpmb -bp
rpm     exec --bc               rpmb -bc
rpm     exec --bi               rpmb -bi
rpm     exec --bl               rpmb -bl
rpm     exec --ba               rpmb -ba
rpm     exec --bb               rpmb -bb
rpm     exec --bs               rpmb -bs 
rpm     exec --tp               rpmb -tp 
rpm     exec --tc               rpmb -tc 
rpm     exec --ti               rpmb -ti 
rpm     exec --tl               rpmb -tl 
rpm     exec --ta               rpmb -ta
rpm     exec --tb               rpmb -tb
rpm     exec --ts               rpmb -ts 
rpm     exec --rebuild          rpmb --rebuild
rpm     exec --recompile        rpmb --recompile
rpm     exec --clean            rpmb --clean
rpm     exec --rmsource         rpmb --rmsource
rpm     exec --rmspec           rpmb --rmspec
rpm     exec --target           rpmb --target
rpm     exec --short-circuit    rpmb --short-circuit

FILES

rpmrc 配置文件

/usr/lib/rpm/rpmrc
/usr/lib/rpm/redhat/rpmrc
/etc/rpmrc
~/.rpmrc

Macro 宏定义文件

/usr/lib/rpm/macros
/usr/lib/rpm/redhat/macros
/etc/rpm/macros
~/.rpmmacros

Database 数据库

/var/lib/rpm/Basenames
/var/lib/rpm/Conflictname
/var/lib/rpm/Dirnames
/var/lib/rpm/Filemd5s
/var/lib/rpm/Group
/var/lib/rpm/Installtid
/var/lib/rpm/Name
/var/lib/rpm/Packages
/var/lib/rpm/Providename
/var/lib/rpm/Provideversion
/var/lib/rpm/Pubkeys
/var/lib/rpm/Removed
/var/lib/rpm/Requirename
/var/lib/rpm/Requireversion
/var/lib/rpm/Sha1header
/var/lib/rpm/Sigmd5
/var/lib/rpm/Triggername

Temporary 临时文件

/var/tmp/rpm*  

SEE ALSO

popt(3),
rpm2cpio(8),
rpmbuild(8),

#p#

NAME

rpm - RPM Package Manager  

SYNOPSIS

QUERYING AND VERIFYING PACKAGES:

rpm {-q|--query} [select-options] [query-options]

rpm {-V|--verify} [select-options] [verify-options]

rpm --import PUBKEY ...

rpm {-K|--checksig} [--nosignature] [--nodigest]
    PACKAGE_FILE ...

INSTALLING, UPGRADING, AND REMOVING PACKAGES:

rpm {-i|--install} [install-options] PACKAGE_FILE ...

rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts]
    [--notriggers] [--repackage] [--test] PACKAGE_NAME ...

MISCELLANEOUS:

rpm {--initdb|--rebuilddb}

rpm {--addsign|--resign} PACKAGE_FILE ...

rpm {--querytags|--showrc}

rpm {--setperms|--setugids} PACKAGE_NAME ...

select-options

 [PACKAGE_NAME] [-a,--all] [-f,--file FILE]
 [-g,--group GROUP] {-p,--package PACKAGE_FILE]
 [--fileid MD5] [--hdrid SHA1] [--pkgid MD5] [--tid TID]
 [--querybynumber HDRNUM] [--triggeredby PACKAGE_NAME]
 [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]

query-options

 [--changelog] [-c,--configfiles] [-d,--docfiles] [--dump]
 [--filesbypkg] [-i,--info] [--last] [-l,--list]
 [--provides] [--qf,--queryformat QUERYFMT]
 [-R,--requires] [--scripts] [-s,--state]
 [--triggers,--triggerscripts]

verify-options

 [--nodeps] [--nofiles] [--noscripts]
 [--nodigest] [--nosignature]
 [--nolinkto] [--nomd5] [--nosize] [--nouser]
 [--nogroup] [--nomtime] [--nomode] [--nordev]

install-options

 [--aid] [--allfiles] [--badreloc] [--excludepath OLDPATH]
 [--excludedocs] [--force] [-h,--hash]
 [--ignoresize] [--ignorearch] [--ignoreos]
 [--includedocs] [--justdb] [--nodeps]
 [--nodigest] [--nosignature] [--nosuggest]
 [--noorder] [--noscripts] [--notriggers]
 [--oldpackage] [--percent] [--prefix NEWPATH]
 [--relocate OLDPATH=NEWPATH]
 [--repackage] [--replacefiles] [--replacepkgs]
 [--test]

DESCRIPTION

rpm is a powerful Package Manager, which can be used to build, install, query, verify, update, and erase individual software packages. A package consists of an archive of files and meta-data used to install and erase the archive files. The meta-data includes helper scripts, file attributes, and descriptive information about the package. Packages come in two varieties: binary packages, used to encapsulate software to be installed, and source packages, containing the source code and recipe necessary to produce binary packages.

One of the following basic modes must be selected: Query, Verify, Signature Check, Install/Upgrade/Freshen, Uninstall, Initialize Database, Rebuild Database, Resign, Add Signature, Set Owners/Groups, Show Querytags, and Show Configuration.  

GENERAL OPTIONS

These options can be used in all the different modes.

-?, --help

Print a longer usage message then normal.

--version

Print a single line containing the version number of rpm being used.

--quiet

Print as little as possible - normally only error messages will be displayed.

-v

Print verbose information - normally routine progress messages will be displayed.

-vv

Print lots of ugly debugging information.

--rcfile FILELIST

Each of the files in the colon separated FILELIST is read sequentially by rpm for configuration information. Only the first file in the list must exist, and tildes will be expanded to the value of $HOME. The default FILELIST is /usr/lib/rpm/rpmrc:/usr/lib/rpm/redhat/rpmrc:/etc/rpmrc:~/.rpmrc.

--pipe CMD

Pipes the output of rpm to the command CMD.

--dbpath DIRECTORY

Use the database in DIRECTORY rather than the default path /var/lib/rpm

--root DIRECTORY

Use the file system tree rooted at DIRECTORY for all operations. Note that this means the database within DIRECTORY will be used for dependency checks and any scriptlet(s) (e.g. %post if installing, or %prep if building, a package) will be run after a chroot(2) to DIRECTORY.

INSTALL AND UPGRADE OPTIONS

The general form of an rpm install command is

rpm {-i|--install} [install-options] PACKAGE_FILE ...

This installs a new package.

The general form of an rpm upgrade command is

rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

This upgrades or installs the package currently installed to a newer version. This is the same as install, except all other version(s) of the package are removed after the new package is installed.

rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

This will upgrade packages, but only if an earlier version currently exists. The PACKAGE_FILE may be specified as an ftp or http URL, in which case the package will be downloaded before being installed. See FTP/HTTP OPTIONS for information on rpm's internal ftp and http client support.

--aid

Add suggested packages to the transaction set when needed.

--allfiles

Installs or upgrades all the missingok files in the package, regardless if they exist.

--badreloc

Used with --relocate, permit relocations on all file paths, not just those OLDPATH's included in the binary package relocation hint(s).

--excludepath OLDPATH

Don't install files whose name begins with OLDPATH.

--excludedocs

Don't install any files which are marked as documentation (which includes man pages and texinfo documents).

--force

Same as using --replacepkgs, --replacefiles, and --oldpackage.

-h, --hash

Print 50 hash marks as the package archive is unpacked. Use with -v|--verbose for a nicer display.

--ignoresize

Don't check mount file systems for sufficient disk space before installing this package.

--ignorearch

Allow installation or upgrading even if the architectures of the binary package and host don't match.

--ignoreos

Allow installation or upgrading even if the operating systems of the binary package and host don't match.

--includedocs

Install documentation files. This is the default behavior.

--justdb

Update only the database, not the filesystem.

--nodigest

Don't verify package or header digests when reading.

--nosignature

Don't verify package or header signatures when reading.

--nodeps

Don't do a dependency check before installing or upgrading a package.

--nosuggest

Don't suggest package(s) that provide a missing dependency.

--noorder

Don't reorder the packages for an install. The list of packages would normally be reordered to satisfy dependencies.

--noscripts

--nopre

--nopost

--nopreun

--nopostun

Don't execute the scriptlet of the same name. The --noscripts option is equivalent to

--nopre --nopost --nopreun --nopostun

and turns off the execution of the corresponding %pre, %post, %preun, and %postun scriptlet(s).

--notriggers

--notriggerin

--notriggerun

--notriggerpostun

Don't execute any trigger scriptlet of the named type. The --notriggers option is equivalent to

--notriggerin --notriggerun --notriggerpostun

and turns off execution of the corresponding %triggerin, %triggerun, and %triggerpostun scriptlet(s).

--oldpackage

Allow an upgrade to replace a newer package with an older one.

--percent

Print percentages as files are unpacked from the package archive. This is intended to make rpm easy to run from other tools.

--prefix NEWPATH

For relocatable binary packages, translate all file paths that start with the installation prefix in the package relocation hint(s) to NEWPATH.

--relocate OLDPATH=NEWPATH

For relocatable binary packages, translate all file paths that start with OLDPATH in the package relocation hint(s) to NEWPATH. This option can be used repeatedly if several OLDPATH's in the package are to be relocated.

--repackage

Re-package the files before erasing. The previously installed package will be named according to the macro %_repackage_name_fmt and will be created in the directory named by the macro %_repackage_dir (default value is /var/spool/repackage).

--replacefiles

Install the packages even if they replace files from other, already installed, packages.

--replacepkgs

Install the packages even if some of them are already installed on this system.

--test

Do not install the package, simply check for and report potential conflicts.

ERASE OPTIONS

The general form of an rpm erase command is

rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--repackage] [--test] PACKAGE_NAME ...

The following options may also be used:

--allmatches

Remove all versions of the package which match PACKAGE_NAME. Normally an error is issued if PACKAGE_NAME matches multiple packages.

--nodeps

Don't check dependencies before uninstalling the packages.

--noscripts

--nopreun

--nopostun

Don't execute the scriptlet of the same name. The --noscripts option during package erase is equivalent to

--nopreun --nopostun

and turns off the execution of the corresponding %preun, and %postun scriptlet(s).

--notriggers

--notriggerun

--notriggerpostun

Don't execute any trigger scriptlet of the named type. The --notriggers option is equivalent to

--notriggerun --notriggerpostun

and turns off execution of the corresponding %triggerun, and %triggerpostun scriptlet(s).

--repackage

Re-package the files before erasing. The previously installed package will be named according to the macro %_repackage_name_fmt and will be created in the directory named by the macro %_repackage_dir (default value is /var/spool/repackage).

--test

Don't really uninstall anything, just go through the motions. Useful in conjunction with the -vv option for debugging.

QUERY OPTIONS

The general form of an rpm query command is

rpm {-q|--query} [select-options] [query-options]

You may specify the format that package information should be printed in. To do this, you use the

 --qf|--queryformat QUERYFMT

option, followed by the QUERYFMT format string. Query formats are modified versions of the standard printf(3) formatting. The format is made up of static strings (which may include standard C character escapes for newlines, tabs, and other special characters) and printf(3) type formatters. As rpm already knows the type to print, the type specifier must be omitted however, and replaced by the name of the header tag to be printed, enclosed by {} characters. Tag names are case insensitive, and the leading RPMTAG_ portion of the tag name may be omitted as well.

Alternate output formats may be requested by following the tag with :typetag. Currently, the following types are supported:

:armor

    Wrap a public key in ASCII armor.

:base64

Encode binary data using base64.

:date

Use strftime(3) "%c" format.

:day

Use strftime(3) "%a %b %d %Y" format.

:depflags

Format dependency flags.

:fflags

Format file flags.

:hex

Format in hexadecimal.

:octal

Format in octal.

:perms

Format file permissions.

:shescape

Escape single quotes for use in a script.

:triggertype

Display trigger suffix.

For example, to print only the names of the packages queried, you could use %{NAME} as the format string. To print the packages name and distribution information in two columns, you could use %-30{NAME}%{DISTRIBUTION}. rpm will print a list of all of the tags it knows about when it is invoked with the --querytags argument.

There are two subsets of options for querying: package selection, and information selection.  

PACKAGE SELECTION OPTIONS:

PACKAGE_NAME

Query installed package named PACKAGE_NAME.

-a, --all

Query all installed packages.

-f, --file FILE

Query package owning FILE.

--fileid MD5

Query package that contains a given file identifier, i.e. the MD5 digest of the file contents.

-g, --group GROUP

Query packages with the group of GROUP.

--hdrid SHA1

Query package that contains a given header identifier, i.e. the SHA1 digest of the immutable header region.

-p, --package PACKAGE_FILE

Query an (uninstalled) package PACKAGE_FILE. The PACKAGE_FILE may be specified as an ftp or http style URL, in which case the package header will be downloaded and queried. See FTP/HTTP OPTIONS for information on rpm's internal ftp and http client support. The PACKAGE_FILE argument(s), if not a binary package, will be interpreted as an ASCII package manifest. Comments are permitted, starting with a '#', and each line of a package manifest file may include white space separated glob expressions, including URL's with remote glob expressions, that will be expanded to paths that are substituted in place of the package manifest as additional PACKAGE_FILE arguments to the query.

--pkgid MD5

Query package that contains a given package identifier, i.e. the MD5 digest of the combined header and payload contents.

--querybynumber HDRNUM

Query the HDRNUMth database entry directly; this is useful only for debugging.

--specfile SPECFILE

Parse and query SPECFILE as if it were a package. Although not all the information (e.g. file lists) is available, this type of query permits rpm to be used to extract information from spec files without having to write a specfile parser.

--tid TID

Query package(s) that have a given TID transaction identifier. A unix time stamp is currently used as a transaction identifier. All package(s) installed or erased within a single transaction have a common identifier.

--triggeredby PACKAGE_NAME

Query packages that are triggered by package(s) PACKAGE_NAME.

--whatprovides CAPABILITY

Query all packages that provide the CAPABILITY capability.

--whatrequires CAPABILITY

Query all packages that requires CAPABILITY for proper functioning.

PACKAGE QUERY OPTIONS:

--changelog

Display change information for the package.

-c, --configfiles

List only configuration files (implies -l).

-d, --docfiles

List only documentation files (implies -l).

--dump

Dump file information as follows:

path size mtime md5sum mode owner group isconfig isdoc rdev symlink
        

This option must be used with at least one of -l, -c, -d.

--filesbypkg

List all the files in each selected package.

-i, --info

Display package information, including name, version, and description. This uses the --queryformat if one was specified.

--last

Orders the package listing by install time such that the latest packages are at the top.

-l, --list

List files in package.

--provides

List capabilities this package provides.

-R, --requires

List packages on which this package depends.

--scripts

List the package specific scriptlet(s) that are used as part of the installation and uninstallation processes.

-s, --state

Display the states of files in the package (implies -l). The state of each file is one of normal, not installed, or replaced.

--triggers, --triggerscripts

Display the trigger scripts, if any, which are contained in the package.

VERIFY OPTIONS

The general form of an rpm verify command is

rpm {-V|--verify} [select-options] [verify-options]

Verifying a package compares information about the installed files in the package with information about the files taken from the package metadata stored in the rpm database. Among other things, verifying compares the size, MD5 sum, permissions, type, owner and group of each file. Any discrepancies are displayed. Files that were not installed from the package, for example, documentation files excluded on installation using the "--excludedocs" option, will be silently ignored.

The package selection options are the same as for package querying (including package manifest files as arguments). Other options unique to verify mode are:

--nodeps

Don't verify dependencies of packages.

--nodigest

Don't verify package or header digests when reading.

--nofiles

Don't verify any attributes of package files.

--noscripts

Don't execute the %verifyscript scriptlet (if any).

--nosignature

Don't verify package or header signatures when reading.

--nolinkto

--nomd5

--nosize

--nouser

--nogroup

--nomtime

--nomode

--nordev

Don't verify the corresponding file attribute.

The format of the output is a string of 8 characters, a possible attribute marker:

c %config configuration file.
d %doc documentation file.
g %ghost file (i.e. the file contents are not included in the package payload).
l %license license file.
r %readme readme file.

from the package header, followed by the file name. Each of the 8 characters denotes the result of a comparison of attribute(s) of the file to the value of those attribute(s) recorded in the database. A single "." (period) means the test passed, while a single "?" (question mark) indicates the test could not be performed (e.g. file permissions prevent reading). Otherwise, the (mnemonically emBoldened) character denotes failure of the corresponding --verify test:

S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mismatch
L readLink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs

DIGITAL SIGNATURE AND DIGEST VERIFICATION

The general forms of rpm digital signature commands are

rpm --import PUBKEY ...

rpm {--checksig} [--nosignature] [--nodigest]
    PACKAGE_FILE ...

The --checksig option checks all the digests and signatures contained in PACKAGE_FILE to ensure the integrity and origin of the package. Note that signatures are now verified whenever a package is read, and --checksig is useful to verify all of the digests and signatures associated with a package.

Digital signatures cannot be verified without a public key. An ASCII armored public key can be added to the rpm database using --import. An imported public key is carried in a header, and key ring management is performed exactly like package management. For example, all currently imported public keys can be displayed by:

rpm -qa gpg-pubkey*

Details about a specific public key, when imported, can be displayed by querying. Here's information about the Red Hat GPG/DSA key:

rpm -qi gpg-pubkey-db42a60e

Finally, public keys can be erased after importing just like packages. Here's how to remove the Red Hat GPG/DSA key

rpm -e gpg-pubkey-db42a60e  

SIGNING A PACKAGE

rpm --addsign|--resign PACKAGE_FILE ...

Both of the --addsign and --resign options generate and insert new signatures for each package PACKAGE_FILE given, replacing any existing signatures. There are two options for historical reasons, there is no difference in behavior currently.  

USING GPG TO SIGN PACKAGES

In order to sign packages using GPG, rpm must be configured to run GPG and be able to find a key ring with the appropriate keys. By default, rpm uses the same conventions as GPG to find key rings, namely the $GNUPGHOME environment variable. If your key rings are not located where GPG expects them to be, you will need to configure the macro %_gpg_path to be the location of the GPG key rings to use.

For compatibility with older versions of GPG, PGP, and rpm, only V3 OpenPGP signature packets should be configured. Either DSA or RSA verification algorithms can be used, but DSA is preferred.

If you want to be able to sign packages you create yourself, you also need to create your own public and secret key pair (see the GPG manual). You will also need to configure the rpm macros

%_signature

The signature type. Right now only gpg and pgp are supported.

%_gpg_name

The name of the "user" whose key you wish to use to sign your packages.

For example, to be able to use GPG to sign packages as the user "John Doe <jdoe@foo.com>" from the key rings located in /etc/rpm/.gpg using the executable /usr/bin/gpg you would include

%_signature gpg
%_gpg_path /etc/rpm/.gpg
%_gpg_name John Doe <jdoe@foo.com>
%_gpgbin /usr/bin/gpg

in a macro configuration file. Use /etc/rpm/macros for per-system configuration and ~/.rpmmacros for per-user configuration.  

REBUILD DATABASE OPTIONS

The general form of an rpm rebuild database command is

rpm {--initdb|--rebuilddb} [-v] [--dbpath DIRECTORY] [--root DIRECTORY]

Use --initdb to create a new database, use --rebuilddb to rebuild the database indices from the installed package headers.  

SHOWRC

The command

rpm --showrc

shows the values rpm will use for all of the options are currently set in rpmrc and macros configuration file(s).  

FTP/HTTP OPTIONS

rpm can act as an FTP and/or HTTP client so that packages can be queried or installed from the internet. Package files for install, upgrade, and query operations may be specified as an ftp or http style URL:

ftp://USER:PASSWORD@HOST:PORT/path/to/package.rpm

If the :PASSWORD portion is omitted, the password will be prompted for (once per user/hostname pair). If both the user and password are omitted, anonymous ftp is used. In all cases, passive (PASV) ftp transfers are performed.

rpm allows the following options to be used with ftp URLs:

--ftpproxy HOST

The host HOST will be used as a proxy server for all ftp transfers, which allows users to ftp through firewall machines which use proxy systems. This option may also be specified by configuring the macro %_ftpproxy.

--ftpport PORT

The TCP PORT number to use for the ftp connection on the proxy ftp server instead of the default port. This option may also be specified by configuring the macro %_ftpport.

rpm allows the following options to be used with http URLs:

--httpproxy HOST

The host HOST will be used as a proxy server for all http transfers. This option may also be specified by configuring the macro %_httpproxy.

--httpport PORT

The TCP PORT number to use for the http connection on the proxy http server instead of the default port. This option may also be specified by configuring the macro %_httpport.

LEGACY ISSUES

Executing rpmbuild

The build modes of rpm are now resident in the /usr/bin/rpmbuild executable. Although legacy compatibility provided by the popt aliases below has been adequate, the compatibility is not perfect; hence build mode compatibility through popt aliases is being removed from rpm. Install the rpmbuild package, and see rpmbuild(8) for documentation of all the rpm build modes previously documented here in rpm(8).

Add the following lines to /etc/popt if you wish to continue invoking rpmbuild from the rpm command line:

rpm     exec --bp               rpmb -bp
rpm     exec --bc               rpmb -bc
rpm     exec --bi               rpmb -bi
rpm     exec --bl               rpmb -bl
rpm     exec --ba               rpmb -ba
rpm     exec --bb               rpmb -bb
rpm     exec --bs               rpmb -bs 
rpm     exec --tp               rpmb -tp 
rpm     exec --tc               rpmb -tc 
rpm     exec --ti               rpmb -ti 
rpm     exec --tl               rpmb -tl 
rpm     exec --ta               rpmb -ta
rpm     exec --tb               rpmb -tb
rpm     exec --ts               rpmb -ts 
rpm     exec --rebuild          rpmb --rebuild
rpm     exec --recompile        rpmb --recompile
rpm     exec --clean            rpmb --clean
rpm     exec --rmsource         rpmb --rmsource
rpm     exec --rmspec           rpmb --rmspec
rpm     exec --target           rpmb --target
rpm     exec --short-circuit    rpmb --short-circuit

FILES

rpmrc Configuration

/usr/lib/rpm/rpmrc
/usr/lib/rpm/redhat/rpmrc
/etc/rpmrc
~/.rpmrc

Macro Configuration

/usr/lib/rpm/macros
/usr/lib/rpm/redhat/macros
/etc/rpm/macros
~/.rpmmacros

Database

/var/lib/rpm/Basenames
/var/lib/rpm/Conflictname
/var/lib/rpm/Dirnames
/var/lib/rpm/Filemd5s
/var/lib/rpm/Group
/var/lib/rpm/Installtid
/var/lib/rpm/Name
/var/lib/rpm/Packages
/var/lib/rpm/Providename
/var/lib/rpm/Provideversion
/var/lib/rpm/Pubkeys
/var/lib/rpm/Removed
/var/lib/rpm/Requirename
/var/lib/rpm/Requireversion
/var/lib/rpm/Sha1header
/var/lib/rpm/Sigmd5
/var/lib/rpm/Triggername

Temporary

/var/tmp/rpm*  

SEE ALSO

popt(3),
rpm2cpio(8),
rpmbuild(8),