RPM
We know that the programs used on the operating system are developed by programmers through development tools, and the plain text written by programmers is called source code. Since the computer only understands binary, the source code written by the programmer must be compiled into a binary program that the computer understands. Compilation is to convert the source code into binary, and then install it on the operating system through certain steps to be used by us.
Although source code compiles software, not everyone does source code compilation after all. If my Linux system is exactly the same as the distribution manufacturer, then the programs compiled on the manufacturer's system can naturally also run on our system. Since we are originally using the manufacturer's release version, it is of course no problem to use the software compiled on the manufacturer's system.
When installing, you can also add some information related to these programs, and establish it as a database, then you can perform related functions such as installation, uninstallation, upgrade and verification. Common Linux software installation methods include RedHat's rpm and Debian's dpkg.
RPM is a way to install it after pre-compiling and packaging it into RPM file format, and it can also record in the database.
package manager
- Components of a binary application:
binaries, libraries, configuration files, help files - Package managers:
debian: deb files, dpkg package manager
redhat: rpm files, rpm package manager
rpm: Redhat Package Manager
RPM Package Manager
Source code: name-VERSION.tar.gz|bz2|xz
VERSION: major.minor.release
pm Package naming method:
name-VERSION-release.arch.rpm
Example: bash-4.2.46-19.el7.x86_64.rpm
VERSION: major.minor.release
release: release.OS
common arch:
x86: i386, i486, i586, i686
x86_64: x64, x86_64, amd64
powerpc: ppc
platform independent: noarch
Packages: Sorting and Unpacking
Application-VERSION-ARCH.rpm: 主包
Application-devel-VERSION-ARCH.rpm 开发子包
Application-utils-VERSION-ARHC.rpm 其它子包
Application-libs-VERSION-ARHC.rpm 其它子包
**包之间:可能存在依赖关系,甚至循环依赖Solve the dependency package management tool:
- yum: Front-end tool for rpm package manager
- apt-get: deb package manager front-end tool
- zypper: rpm front-end management tool on suse
- dnf: Fedora 18+ rpm package manager front-end management tool
Library file
- View the library files that the binary program depends on**
ldd /PATH/TO/BINARY_FILE*** - Manage and view the library file
ldconfig loaded by the machine Load the library file
sbin/ldconfig -p: Display all available library file names and file path mapping relationships that have been cached by the machine
Configuration file: /etc/ld.so.conf, /etc/ ld.so.conf.d/\. conf**
Cache file: /etc/ld.so.cache***
rpm package management
Use rpm command to manage packages on CentOS system:
installation, uninstallation, upgrade, query, verification, database maintenanceInstall:
rpm {-i|--install} [install-options] PACKAGE_FILE…
-v: verbose
-vv:
-h: Display package management execution progress with
#rpm -ivh PACKAGE_FILE ...
rpm package installation
[install-options]
- --test: Test the installation, but do not actually execute the installation, i.e. dry run mode
- --nodeps: ignore dependencies
- --replacepkgs override packages
- --replacefiles Override files (default is not to install when two packages have the same files.)
- --nosignature: don't check source validity
- --nodigest: do not check package integrity
- --noscripts: do not execute package scripts
%pre: pre-install script; --nopre
%post: post-install script; --nopost
%preun: pre-uninstall script; --nopreun
%postun: post-uninstall script; --nopostun
upgrade:
- rpm {-U|--upgrade} [install-options] PACKAGE_FILE...
upgrade: "upgrade"
if legacy package is installed "install" if no legacy package exists - rpm {-F|--freshen} [install-options] PACKAGE_FILE...
freshen: "upgrade" if legacy package is installed rpm -Uvh PACKAGE_FILE ... rpm
if no legacy package exists -Fvh PACKAGE_FILE ... --oldpackage: downgrade --force: force install
Upgrade Notes
Notice:
- Do not upgrade the kernel; Linux supports the coexistence of multiple kernel versions, therefore, it is not necessary to directly install the new version of the kernel
- If the configuration file of the original package has been modified after installation, during the upgrade, the same configuration file provided by the new version will not directly overwrite the configuration file of the old version, but after renaming the file of the new version (FILENAME.rpmnew) Reserve
- When upgrading, the binary will be overwritten, but the configuration file will not be overwritten.
- The Linux kernel allows multiple versions to coexist. To install the kernel, do not use -Uvh and -Fvh to install, you should use -ivh to install. When the system starts, only one kernel can be used to boot,
package query
rpm {-q|--query} [select-options] [query-options]
[select-options]
- -a: all packages
- -f: View which package installation generated the specified file
- -p rpmfile: query for package files that have not been installed
- --whatprovides CAPABILITY: Query which package provides the specified CAPABILITY
- --whatrequires CAPABILITY: Query which package the specified CAPABILITY depends on
- rpm2cpio package file|cpio –itv Preview the files in the
package rpm2cpio package file|cpio –id “*.conf” Release the files in the package
[query-options]
- --changelog: Query the changelog of the rpm package
- -c: the configuration file of the query program
- -d: Query program's documentation
- -i: information
- -l: View all files generated after the specified package is installed
- --scripts: scripts that come with the package
- --provides: list the CAPABILITY provided by the specified package
- -R: Query the CAPABILITY that the specified package depends on
Package uninstall:
rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--test] PACKAGE_NAME ...
packet verification
After a package is installed, the /var/lib/rpm database is automatically updated. It records the metadata of each file in this package.
Query whether the files generated after package installation have changed,
common usage:
rpm {-V|--verify} [select-options] [verify-options]
- S file Size differs
- M Mode differs (includes permissions and file type)
- 5 digest (formerly MD5 sum) differs
- D Device major/minor number mismatch
- L readLink(2) path mismatch
- U User ownership differs
- G Group ownership differs
- T mTime differs
- P capabilities differ
packet verification
- Package source validity verification and integrity verification
Integrity verification: SHA256
source legality verification: RSA - Public key encryption
Symmetric encryption: Encryption and decryption use the same key
Asymmetric encryption: The key is a pair of
public key: public key, open to everyone
secret key: private key,
the public key required for import cannot be publicly importedrpm -K|checksig rpmfile Check package integrity and signature
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
rpm --import /run/media/root/CentOS\ 7\ x86_64/RPM-GPG-KEY-CentOS-7
CentOS 7 distribution CD provided: RPM-GPG-KEY-CentOS-7
rpm -qa "gpg-pubkey "
rpm -qi gpg-pubkey-f4a80eb5-53a7ff4b
cat /etc/pki /rpm-gpg/RPM-GPG-KEY-CentOS-7
rpm -e gpg-pubkey-f4a80eb5-53a7ff4b *
rpm database
- Database rebuild:
/var/lib/rpm - rpm {--initdb|--rebuilddb}
initdb: initialize
if the database does not exist beforehand, create a new one
otherwise, do nothing
rebuilddb: rebuild the database index directory of the installed header
Yum
Since rpm has software-related dependencies, when there are multiple packages that depend on each other, do you install the software to be installed and the software it depends on in one go? yum is implemented based on C/S structure.
There are some rpm packages and some metadata on the yum server. All rpm packages to be released are placed on the yum server for others to download. The yum server only needs to provide simple downloads, either in the form of ftp or httpd.
Every time the client uses yum, it will parse all the configuration files ending with .repo under /etc/yum.repos.d. These configuration files specify the address of the yum server.
yum
- CentOS: yum, dnf
- YUM: Yellowdog Update Modifier, front-end for rpm, resolves package dependencies, locates packages across multiple repositories, alternative to up2date
- yum repository: yum repo, which stores many rpm packages and related metadata files of packages (placed in a specific directory repodata)
File server:
http://
https://
ftp://
file://
yum configuration file
yum client configuration file:
/etc/yum.conf: Provides common configuration for all repositories
/etc/yum.repos.d/*.repo : Provides configuration for repository pointing
The definition that the repository points to
- [main]
语句块的名称 - cachedir=/var/cache/yum/$basearch/$releasever
缓存的文件夹<br/>$basearch 为cpu架构,$releasever 为版本 - baseurl = url: // path/to/repository/
yum仓库的路径,当yum仓库的指向多条路径时,可以把多条路径放到一个文件里,仓库的路径指向文件的路径:<br/>mirrorlist=file:///root/baselist - keepcache = 0
为1时,rpm包下载下来时,包会缓存下来,默认会删掉 - debuglevel=2
调试 - enabled={1|0}
为0时禁用仓库,为1时启用仓库 - logfile=/var/log/yum.log
日志 - exactfile=1
- obsoletes=1
- gpgcheck=1
相当于rpm -K,为1,包不完整不合法,拒绝安装,为0时,忽略检查
gpgkey=URL导入公钥
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-CentOS-7 - plugins=1
插件启用 - installonly_limit=5
并行安装,加速访问 - enablegroups={1|0}
- failovermethod={roundrobin|priority}
roundrobin: means random selection, default value
priority: access in order - cost= The default is 1000`, the smaller the priority, the higher the priority
Features of yum: It is not allowed to run multiple yum commands in parallel on a machine at the same time.
Use the CD as the yum source . In the CD: rpm package is in the Packages directory, and metadata is in the repodata directory.
Principle: The path to write the warehouse in the future is to write the parent directory of the repodata
Variables available in the yum repo configuration file of the yum repository
: $releasever: the major version number of the current OS release
$arch: platform, i386, i486, i586, x86_64, etc.
$basearch: base platform; i386, x86_64
$YUM0-$ YUM9: Custom Variable
Instance
http://server/centos/$releasever/$basearch/
http://server/centos/7/x86_64
http://server/centos/6/i384
yum command
- Usage of yum command:
yum [options] [command] [package ...] - Display the list of repositories:
yum repolist [all|enabled|disabled] - Show packages:
yum list
yum list [all | glob_exp1] [glob_exp2] [...]
yum list {available|installed|updates} [glob_exp1] [...] -
Install packages:
yum install package1 [package2] [...]
yum reinstall package1 [package2] [...] (reinstall) - Upgrade packages:
yum update [package1] [package2] [...]
yum downgrade package1 [package2] [...] (downgrade) - Check for available upgrades:
yum check-update -
Uninstall a package:
yum remove | erase package1 [package2] [...] - View package information:
yum info [...] - See which package provides the specified feature (which can be a file):
yum provides | whatprovides feature1 [feature2] [...] - Clean local cache:
clear /var/cache/yum/$basearch/$releasever cache
yum clean [ packages | metadata | expire-cache | rpmdb | plugins | all ] -
Build cache:
yum makecache - Search: yum search string1 [string2] [...]
Search the package name and summary information with the specified keyword - View the capabilities that the specified package depends on:
yum deplist package1 [package2] [...] - 查看yum事务历史:
yum history [info|list|packages-list|packages-info|
summary|addon-info|redo|undo|
rollback|new|sync|stats]
yum history
yum history info 6查看
yum history undo 6取反
yum history redo 6重做 -
Log: /var/log/yum.log
- **To install and update local packages: ***
yum localinstall rpmfile1 [rpmfile2] [...]
(replace with install)
yum localupdate rpmfile1 [rpmfile2] [...]
(replace with update) -
Related commands for package group management:
yum groupinstall group1 [group2] [...]
yum groupupdate group1 [group2] [...]
yum grouplist [hidden] [groupwildcard] [...]
yum groupremove group1 [group2] [. ..]
yum groupinfo group1 [...] - Command line options for yum:
--nogpgcheck: disable gpg check
-y: auto answer "yes"
-q: silent mode
--disablerepo=repoidglob: temporarily disable the repo specified here
--enablerepo=repoidglob: temporarily enable this repo specified at
--noplugins: disable all plugins
System CD yum repository
- The system installation CD is used as the local yum repository:
(1) Mount the CD to a directory, such as /mnt/cdrom
mount /dev/cdrom /mnt/cdrom
(2) Create a configuration file
[CentOS7]
name=
baseurl=
gpgcheck=
enabled= - Create a yum repository:
createrepo [options] <directory>