J
Jarret W. Buse
Guest
Linux+: Applications 03 – RPM Package Verify
In the first two articles of the Linux+ Applications section, I covered the RPM modes of Install, Update, Freshen, Remove and Query. In this article, I will cover the details about the last RPM Mode: Verify.
NOTE: Do not confuse RPM with Yum. Yum is a command-line front-end for RPM. Apper and other such programs are a GUI front-end for both.
This article covers the use of RPM from a command-line. It is assumed that any packages, which are files with an extension of RPM, are located locally on the system. The Yum utility and Apper GUI is used to actually perform downloading of the package to the local system. Once the package is downloaded locally, Yum or Apper calls RPM in the background to perform the actual desired command on the package.
The “Verify” mode of RPM is used to determine the status of installed packages. It helps to “verify” that the package installed has not changed since it was installed.
You may wonder, “What exactly is being verified?”. The following are checked when performing a verification:
The basic syntax for RPM to query installed packages is:
RPM -V select_options verify_options
RPM --verify select_options verify_options
The “select_options” are as follows:
The “verify_options” are as follows:
To perform a basic verification of an installed package called “Application1.rpm”, the command would be: “rpm -Vp Application1.rpm”. The “-p” option is used when specifying a package name.
If you would want to verify all packages, the command would be: “rpm -Va”. Since the output could be quite extensive, it may be best to pipe the output to a file. Piping to a file can be done by a command similar to “rpm -Va > VerifyOut.txt”. The file can then be viewed to study any errors more closely. As problems are resolved, the command can be performed again to shorten the list and continue to systematically repair your system's packages.
If a verification should fail, the error message given should provide enough information to fix the problem. For example, if an error is given about “unsatisfied dependencies”, then there are dependency files missing.
Output is displayed as a filename and abbreviated error messages. The error messages show what is wrong with the file given by the following:
For example, if a file is listed and has an “S” and “M” next to
it, it shows the size and permissions have changed. If the error is
“missing”, then the file has been removed.
If the package is not working properly and the verification fails, then
you should probably “freshen” or “upgrade” the package.
Just as with the other RPM Modes, be sure to practice with this one before
taking the Linux+ certification exam. If you should come across
problems, be aware how to resolve them by upgrading or freshening a
package.
In the first two articles of the Linux+ Applications section, I covered the RPM modes of Install, Update, Freshen, Remove and Query. In this article, I will cover the details about the last RPM Mode: Verify.
NOTE: Do not confuse RPM with Yum. Yum is a command-line front-end for RPM. Apper and other such programs are a GUI front-end for both.
This article covers the use of RPM from a command-line. It is assumed that any packages, which are files with an extension of RPM, are located locally on the system. The Yum utility and Apper GUI is used to actually perform downloading of the package to the local system. Once the package is downloaded locally, Yum or Apper calls RPM in the background to perform the actual desired command on the package.
The “Verify” mode of RPM is used to determine the status of installed packages. It helps to “verify” that the package installed has not changed since it was installed.
You may wonder, “What exactly is being verified?”. The following are checked when performing a verification:
- Owner
- Group
- Mode
- MD5 Checksum
- Size
- Major Number
- Minor Number
- Symbolic Link String
- Modification Time
The basic syntax for RPM to query installed packages is:
RPM -V select_options verify_options
RPM --verify select_options verify_options
The “select_options” are as follows:
- PACKAGE_NAME – queries the package given by PACKAGE_NAME
- -a (--all) – queries all the installed packages
- -f (--file FILE) – queries the package owning the specified FILE
- --fileid MD5 – queries package with given file identifier MD5
- -g (--group GROUP_NAME) – queries packages within the group GROUP_NAME
- -p (--package PACKAGE_FILE) – query uninstalled package of PACKAGE_NAME
- --hdrid SHA1– query package with header identifier given as SHA1
- --pkgid MD5 – queries package with package identifier of MD5
- --tid TID – queries packagaes with transaction identifier of TID
- --querybynumber HDRNUM – queries the entry number of a database given by the entry number of HDRNUM
- --triggeredby PACKAGE_NAME – queries the packages which are triggered by the PACKAGE_NAME
- --whatprovides CAPABILITY – query all packages which provide the given CAPABILITY
- --whatrequires CAPABILITY – query all packages which require the CAPABAILITY to function properly
The “verify_options” are as follows:
- --nodeps – prevents the package dependencies from being verified
- --nofiles – skip verification of package file attributes
- --noscripts – do not execute scriptlets during verification
- --nodigest – verification of package and header digests are skipped
- --nosignature – package and header signatures are not verified
- --nolinkto – the link file attributes are not verified
- --nofiledigest – do not verify MD5 checksums
- --nosize – verification of file size is skipped
- --nouser – file owner is not verified
- --nogroup – verification of group owner is skipped
- --nomtime – mtime verification is skipped
- --nomode – file permissions verification is skipped
- --nordev – skip file attribute verification
- --nocaps – (documentation is lacking on this parameter)
To perform a basic verification of an installed package called “Application1.rpm”, the command would be: “rpm -Vp Application1.rpm”. The “-p” option is used when specifying a package name.
If you would want to verify all packages, the command would be: “rpm -Va”. Since the output could be quite extensive, it may be best to pipe the output to a file. Piping to a file can be done by a command similar to “rpm -Va > VerifyOut.txt”. The file can then be viewed to study any errors more closely. As problems are resolved, the command can be performed again to shorten the list and continue to systematically repair your system's packages.
If a verification should fail, the error message given should provide enough information to fix the problem. For example, if an error is given about “unsatisfied dependencies”, then there are dependency files missing.
Output is displayed as a filename and abbreviated error messages. The error messages show what is wrong with the file given by the following:
- S = size change
- M = permissions change
- 5 = MD5 changed
- L = Symlink changed
- D = Device change
- U = User change
- G = Group change
- T = Date/Time change
- missing = file is gone
For example, if a file is listed and has an “S” and “M” next to
it, it shows the size and permissions have changed. If the error is
“missing”, then the file has been removed.
If the package is not working properly and the verification fails, then
you should probably “freshen” or “upgrade” the package.
Just as with the other RPM Modes, be sure to practice with this one before
taking the Linux+ certification exam. If you should come across
problems, be aware how to resolve them by upgrading or freshening a
package.
