Linux: rpm commands, the construction of third-party software warehouses and the shielding (blacklist) of some software in the yum warehouse

1.rpm

The following experiments are done on the desktop virtual machine
1. Software name recognition
[abrt-addon-ccpp]-[2.1.11-19].[el7].[x86_64].rpm ##The end of rpm is applicable to the redhat operating system
[abrt- addon-ccpp] ##Software name
[2.1.11-19].[el7] ##Software version
[x86_64] ##Software for 64-bit system
First , you need to transfer the required installation package to the virtual machine:

in the virtual machine Check it out:

first switch to the /mnt environment, then create a directory mkdir /mnt/software, and then switch to the software environment to perform the following operations.
2. The format and parameters of the rpm command

rpm   -ivh name --nodeps  ##安装，-v显示过程，-h指定加密方式为hash  
rpm   -ivh name.rpm --force  ##强制安装，但不能忽略依赖性
rpm   -ivh name.rpm --nodeps --force  ##忽略依赖性并且强制安装
rpm    -e  name   ##卸载
rpm    -ql name   ##查询软件生成文件
rpm    -qc name   ##查询软件的配置文件名称
rpm    -qd name   ##查询软件的说明文件名称
rpm    -qlp name.rpm（安装包名字）  ##查询软件安装后会生成什么文件
rpm    -qa            ##查询系统中安装的所有软件名称
rpm    -qa |grep name ##查询软件是否安装 (是模糊的名称eg：wps)
rpm    -q name       ##查询软件是否安装 （是精确的名称eg：wps-office）
rpm    -qp name.rpm   ##查询软件安装包安装后的名字
rpm    -qf filename   ##查看filename属于哪个安装包
rpm    -qi name       ##查看软件信息
rpm    -Kv name.rpm   ##检测软件包是否被篡改(为了不影响原来安装包，可以复制一个安装包)
[root@localhost software]# rpm -Kv wps-office-10.1.0.5672-1.a21.x86_64.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm:
    Header SHA1 digest: OK (6f484bc49b51424956678ac1b55ae74a86af2a28)
    MD5 digest: OK (5bb5b15d9d6006305856c903999398a6)

Header SHA1 digest: OK (6f484bc49b51424956678ac1b55ae74a86af2a28)
    MD5 digest: OK (5bb5b15d9d6006305856c903999398a6)
    ##出现两个OK，说明文件没有被篡改
[root@localhost software]# rpm -Kv wps-office-10.1.0.5672-1.a21.x86_64.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm:
    Header SHA1 digest: OK (6f484bc49b51424956678ac1b55ae74a86af2a28)
    MD5 digest: BAD Expected(5bb5b15d9d60systemctl disable firewalld06305856c903999398a6) != (cd666bf78a1c370117f1211835868dcf)
echo hello >>wps-office-10.1.0.5672-1.a21.x86_64.rpm
##若有一个不出现OK，说明文件被篡改，可以删除本文件
rpm   -qp name.rpm --scripts  ##检测软件在安装或卸载过程中执行的动作

Detect if a package has been tampered with

2. Construction of third-party software warehouses

Put all rpm software into a directory, in which only rpm files can exist
createrepo -v /rpm storage directory ---> /rpm storage directory/repodata ##This directory is the scanned software data
createrepo ##Generated Database files for packages

createrepo  .   
Spawning worker 0 with 3 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm  linuxqq-v1.0.2-beta1.i386.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm  repodata
                                             ---------- ##第三方软件仓库

vim /etc/yum.repos.d/rhel_dvd.repo
write file content: [software]
name=software
baseurl=file:///mnt/software ##rpm storage directory
gpgcheck=0

yum clean all
yum install httpd ##Install httpd
systemctl start httpd
systemctl enable httpd
systemctl stop firewalld
systemctl disable firewalld
cp -r /mnt/software/ /var/www/html/ ##Share
web browser: 172.25.254.119/software # #Enter the virtual machine ip

3. Blocking (blacklist) of some software in the yum warehouse

Content written in vim /etc/yum.conf
: exclude=*.i686 (32-bit)
yum list ##View
yum list linuxqq Content written in
vim /etc/yum.conf
: exclude=*.i386

[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=3
exclude=*.i686--编写内容（i686是32位）
#  This is the default, if you make this bigger yum won't see if the metadata
# is newer on the remote and so you'll "gain" the bandwidth of not having to
# download the new metadata and "pay" for it by yum not having correct
# information.
#  It is esp. important, to have correct metadata, for distributions like
# Fedora which don't keep old packages around. If you don't like this checking
# interupting your command line usage, it's much better to have something
# manually check the metadata once an hour (yum-updatesd will do this).
# metadata_expire=90m

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

yum list linuxqq

Note: (If red letters appear after viewing, it means that the installation package has been installed and cannot be placed in the blacklist. You need to uninstall the installation package to execute)