软件管理
1.获取程序包的途径
系统发行版的光盘或官方的服务器
http://mirrors.aliyun.com
http://mirrors.sohu.com
http://mirrors.163.com
项目官方站点
第三方组织
Fedora-EPEL(推荐)
搜索引擎:
http://pkgs.org
http://rpmfind.net
http://rpm.pbone.net
自己制作
2.软件包管理器的职责
将二进制程序,库文件,配置文件,帮助文件打包成一个文件;
安装软件时按需将二进制文件,库文件,配置文件,帮助文件放到相应的位置;
生成数据库,追踪所安装的每一个文件;
软件卸载时根据安装时生成的数据库将对应的文件删除
3.软件包管理器的核心功能
制作软件包
安装软件
卸载软件
升级软件
查询软件
校验软件
4.软件包管理
-
程序的组成清单(每个包独有)
- 文件清单
- 安装或卸载时运行的脚本
-
数据库(公共)
- 程序包名称及版本
- 依赖关系
- 功能说明
- 安装生成的各文件的文件路径及校验码信息
5.软件包分类
二进制格式(编译好的,装上就可以用)
- rpm包作者下载源程序,编译配置完成后,制作成rpm包
- why would we do that? because:
- 有些特性是编译时选定的,如果编译时未选定此特性,将无法使用
- rpm包的版本会落后于源码包,甚至落后很多
源码格式(需要编译,也叫定制)
- 命名方式:name-VERSION.tar.gz
- VERSION:major.minor.release
6.软件包管理工具
分类:
-
前端工具,常用的前端工具有以下这些:
- yum
- apt-get
- zypper (suse上的rpm前端管理工具)
- dnf(Fedora 22+ rpm前端管理工具)
-
后端工具,常用的后端工具有以下这些:
- rpm
- dpt
注意:
- 前端工具是依赖于后端工具的
- 前端工具是为了自动解决后端工具的依赖关系而存在的
7.软件安装方式
通过前端工具安装
通过后端工具安装
编译安装
8.rpm包命名规范
包的组成
- 主包:bind-9.7.1-1.el5.i586.rpm
- 子包:bind-libs-9.7.1-1.el5.i586.rpm bind-utils-9.7.1-1.el5.i586.rpm
包名格式
- name-version-release-arch.rpm
- bind-major.minor.release-release.arch.rpm
包名格式说明
- major(主版本号):重大改进
- minor(次版本号):某个子功能发生重大变化
- release(发行号):修正了部分bug,调整了一点功能
常见的arch
- x86:i386,i486,i586,i686
- x86_64:x64,x86_64,amd64
- 跟平台无关:noarch
9.rpm包管理
9.1.什么是rpm及其作用
rpm是Redhat Package Manager的简称,用于管理软件包。
rpm有一个强大的数据库/var/lib/rpm。
rpm的管理工作包括软件的安装、卸载、升级、查询、校验、重建数据库、验证软件包来源合法性等等。
9.2.rpm包安装
// 语法: rpm -ivh /PATH/TO/PACKAGE_FILE ...
// 常用选项:
-i: 安装
-v: 显示详细信息
-h: 显示安装进度条
[root@localhost ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@localhost ~]# rpm -ivh /mnt/Packages/wget-1.14-15.el7.x86_64.rpm
警告:/mnt/Packages/wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-15.el7 ################################# [100%]
--test: 测试安装,但不真正执行安装过程
[root@localhost ~]# rpm -e wget
[root@localhost ~]# rpm -ivh --test /mnt/Packages/wget-1.14-15.el7.x86_64.rpm
警告:/mnt/Packages/wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
[root@localhost ~]# which wget
/usr/bin/which: no wget in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
--nodeps: 忽略依赖关系
[root@localhost ~]# rpm -ivh /mnt/Packages/httpd-2.4.6-67.el7.x86_64.rpm
警告:/mnt/Packages/httpd-2.4.6-67.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
错误:依赖检测失败:
/etc/mime.types 被 httpd-2.4.6-67.el7.x86_64 需要
httpd-tools = 2.4.6-67.el7 被 httpd-2.4.6-67.el7.x86_64 需要
libapr-1.so.0()(64bit) 被 httpd-2.4.6-67.el7.x86_64 需要
libaprutil-1.so.0()(64bit) 被 httpd-2.4.6-67.el7.x86_64 需要
[root@localhost ~]# rpm -ivh --nodeps /mnt/Packages/httpd-2.4.6-67.el7.x86_64.rpm
警告:/mnt/Packages/httpd-2.4.6-67.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:httpd-2.4.6-67.el7 ################################# [100%]
[root@localhost ~]# which httpd
/usr/sbin/httpd
--replacepkgs: 重新安装,替换原有安装
--oldpackage: 降级
--force: 强行安装,可以实现重装或降级
--nodigest: 不检查包的完整性
--nosignature: 不检查包的来源合法性
--noscripts: 不执行程序包脚本片断
%pre:安装前脚本 --nopre
%post:安装后脚本 --nopost
%preun:卸载前脚本 --nopreun
%postun:卸载后脚本 --nopostun
//在软件包所在目录下可以不指定绝对路径
[root@localhost ~]# cd /mnt/Packages/
[root@localhost Packages]# rpm -ivh wget-1.14-15.el7.x86_64.rpm
警告:wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-15.el7 ################################# [100%]
9.3.rpm包查询
rpm -q PACKAGE_NAME //查询指定的包是否已安装
[root@localhost ~]# rpm -q wget
wget-1.14-15.el7.x86_64
rpm -qa //查询已经安装的所有包
[root@localhost ~]# rpm -ivh --nodeps /mnt/Packages/httpd-tools-2.4.6-67.el7.x86_64.rpm
警告:/mnt/Packages/httpd-tools-2.4.6-67.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:httpd-tools-2.4.6-67.el7 ################################# [100%]
[root@localhost ~]# rpm -qa|grep httpd
httpd-2.4.6-67.el7.x86_64
httpd-tools-2.4.6-67.el7.x86_64
rpm -qi PACKAGE_NAME //查询指定包的说明信息
[root@localhost ~]# rpm -qi wget
Name : wget
Version : 1.14
Release : 15.el7
Architecture: x86_64
Install Date: 2019年09月26日 星期四 14时15分44秒
Group : Applications/Internet
Size : 2055533
License : GPLv3+
Signature : RSA/SHA256, 2017年05月05日 星期五 21时44分34秒, Key ID 199e2f91fd431d51
Source RPM : wget-1.14-15.el7.src.rpm
Build Date : 2017年05月05日 星期五 20时39分40秒
Build Host : x86-019.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor : Red Hat, Inc.
URL : http://www.gnu.org/software/wget/
Summary : A utility for retrieving files using the HTTP or FTP protocols
Description :
GNU Wget is a file retrieval utility which can use either the HTTP or
FTP protocols. Wget features include the ability to work in the
background while you are logged out, recursive retrieval of
directories, file name wildcard matching, remote file timestamp
storage and comparison, use of Rest with FTP servers and Range with
HTTP servers to retrieve files over slow or unstable connections,
support for Proxy servers, and configurability.
rpm -ql PACKAGE_NAME //查询指定软件包安装后生成的文件列表
[root@localhost ~]# rpm -ql wget
/etc/wgetrc
/usr/bin/wget
/usr/share/doc/wget-1.14
/usr/share/doc/wget-1.14/AUTHORS
/usr/share/doc/wget-1.14/COPYING
/usr/share/doc/wget-1.14/MAILING-LIST
/usr/share/doc/wget-1.14/NEWS
/usr/share/doc/wget-1.14/README
/usr/share/doc/wget-1.14/sample.wgetrc
/usr/share/info/wget.info.gz
/usr/share/locale/be/LC_MESSAGES/wget.mo
/usr/share/locale/bg/LC_MESSAGES/wget.mo
/usr/share/locale/ca/LC_MESSAGES/wget.mo
/usr/share/locale/cs/LC_MESSAGES/wget.mo
/usr/share/locale/da/LC_MESSAGES/wget.mo
/usr/share/locale/de/LC_MESSAGES/wget.mo
/usr/share/locale/el/LC_MESSAGES/wget.mo
/usr/share/locale/en_GB/LC_MESSAGES/wget.mo
/usr/share/locale/eo/LC_MESSAGES/wget.mo
/usr/share/locale/es/LC_MESSAGES/wget.mo
/usr/share/locale/et/LC_MESSAGES/wget.mo
/usr/share/locale/eu/LC_MESSAGES/wget.mo
/usr/share/locale/fi/LC_MESSAGES/wget.mo
/usr/share/locale/fr/LC_MESSAGES/wget.mo
rpm -qf /path/to/somefile //查询指定的文件是由哪个rpm包安装生成的
[root@localhost ~]# which wget
/usr/bin/wget
[root@localhost ~]# rpm -qf /usr/bin/wget
wget-1.14-15.el7.x86_64
[root@localhost ~]# rpm -qf /usr/bin/passwd
passwd-0.79-4.el7.x86_64
rpm -qc PACKAGE_NAME //查询指定包安装的配置文件
rpm -qd PACKAGE_NAME //查询指定包安装的帮助文件
[root@localhost ~]# rpm -qc wget
/etc/wgetrc
[root@localhost ~]# rpm -qd wget
/usr/share/doc/wget-1.14/AUTHORS
/usr/share/doc/wget-1.14/COPYING
/usr/share/doc/wget-1.14/MAILING-LIST
/usr/share/doc/wget-1.14/NEWS
/usr/share/doc/wget-1.14/README
/usr/share/doc/wget-1.14/sample.wgetrc
/usr/share/info/wget.info.gz
/usr/share/man/man1/wget.1.gz
rpm -q --scripts PACKAGE_NAME //查询指定包中包含的脚本
[root@localhost ~]# rpm -q --scripts httpd
preinstall scriptlet (using /bin/sh):
# Add the "apache" group and user
/usr/sbin/groupadd -g 48 -r apache 2> /dev/null || :
/usr/sbin/useradd -c "Apache" -u 48 -g apache
-s /sbin/nologin -r -d /usr/share/httpd apache 2> /dev/null || :
postinstall scriptlet (using /bin/sh):
if [ $1 -eq 1 ] ; then
# Initial installation
systemctl preset httpd.service htcacheclean.service >/dev/null 2>&1 || :
fi
preuninstall scriptlet (using /bin/sh):
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade
systemctl --no-reload disable httpd.service htcacheclean.service > /dev/null 2>&1 || :
systemctl stop httpd.service htcacheclean.service > /dev/null 2>&1 || :
fi
postuninstall scriptlet (using /bin/sh):
systemctl daemon-reload >/dev/null 2>&1 || :
# Trigger for conversion from SysV, per guidelines at:
# https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd
posttrans scriptlet (using /bin/sh):
test -f /etc/sysconfig/httpd-disable-posttrans ||
/bin/systemctl try-restart httpd.service htcacheclean.service >/dev/null 2>&1 || :
rpm -q --whatprovides CAPABILITY //查询指定的CAPABILITY(能力)由哪个包所提供
如:rpm -q --whatprovides /bin/cat
[root@localhost ~]# rpm -q --whatprovides /bin/cat
coreutils-8.22-18.el7.x86_64
[root@localhost ~]# rpm -q --whatprovides /usr/bin/passwd
passwd-0.79-4.el7.x86_64
rpm -q --whatrequires CAPABILITY //查询指定的CAPABILITY被哪个包所依赖
[root@localhost ~]# rpm -q --whatrequires httpd-tools
httpd-2.4.6-67.el7.x86_64
rpm -q --changelog COMMAND //查询COMMAND的制作日志
[root@localhost ~]# rpm -q --changelog wget
* 五 5月 05 2017 Tomas Hozza <thozza@redhat.com> - 1.14-15
- Added TLSv1_1 and TLSv1_2 as secure-protocol values to help (#1439811)
- Fixed synchronization in randomly failing unit test Test-proxied-https-auth (#1448440)
* 三 4月 12 2017 Tomas Hozza <thozza@redhat.com> - 1.14-14
- TLS v1.1 and v1.2 can now be specified with --secure-protocol option (#1439811)
* 一 6月 20 2016 Tomas Hozza <thozza@redhat.com> - 1.14-13
- Fix CVE-2016-4971 (#1345778)
- Added support for non-ASCII URLs (Related: CVE-2016-4971)
* 一 3月 21 2016 Tomas Hozza <thozza@redhat.com> - 1.14-12
- Fix wget to include Host header on CONNECT as required by HTTP 1.1 (#1203384)
- Run internal test suite during build (#1295846)
- Fix -nv being documented as synonym for two options (#1147572)
* 五 10月 24 2014 Tomas Hozza <thozza@redhat.com> - 1.14-11
- Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access (#1156136)
* 五 1月 24 2014 Daniel Mach <dmach@redhat.com> - 1.14-10
rpm -q --scripts PACKAGE_NAME //查询指定软件包包含的所有脚本文件
rpm -qR PACKAGE_NAME //查询指定的软件包所依赖的CAPABILITY
rpm -q --provides PACKAGE_NAME //列出指定软件包所提供的CAPABILITY
rpm -qpi /PATH/TO/PACKAGE_FILE //查询指定未安装包的说明信息
[root@localhost ~]# rpm -e wget
[root@localhost ~]# rpm -qi wget
未安装软件包 wget
[root@localhost ~]# rpm -qpi /mnt/Packages/wget-1.14-15.el7.x86_64.rpm
警告:/mnt/Packages/wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
Name : wget
Version : 1.14
Release : 15.el7
Architecture: x86_64
Install Date: (not installed)
Group : Applications/Internet
Size : 2055533
License : GPLv3+
Signature : RSA/SHA256, 2017年05月05日 星期五 21时44分34秒, Key ID 199e2f91fd431d51
Source RPM : wget-1.14-15.el7.src.rpm
Build Date : 2017年05月05日 星期五 20时39分40秒
Build Host : x86-019.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor : Red Hat, Inc.
URL : http://www.gnu.org/software/wget/
Summary : A utility for retrieving files using the HTTP or FTP protocols
Description :
GNU Wget is a file retrieval utility which can use either the HTTP or
FTP protocols. Wget features include the ability to work in the
background while you are logged out, recursive retrieval of
directories, file name wildcard matching, remote file timestamp
storage and comparison, use of Rest with FTP servers and Range with
HTTP servers to retrieve files over slow or unstable connections,
support for Proxy servers, and configurability.
rpm -qpl /PATH/TO/PACKAGE_FILE //查询未安装的软件包会产生哪些文件
[root@localhost ~]# rpm -qpl /mnt/Packages/wget-1.14-15.el7.x86_64.rpm
警告:/mnt/Packages/wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
/etc/wgetrc
/usr/bin/wget
/usr/share/doc/wget-1.14
/usr/share/doc/wget-1.14/AUTHORS
/usr/share/doc/wget-1.14/COPYING
/usr/share/doc/wget-1.14/MAILING-LIST
/usr/share/doc/wget-1.14/NEWS
/usr/share/doc/wget-1.14/README
/usr/share/doc/wget-1.14/sample.wgetrc
/usr/share/info/wget.info.gz
/usr/share/locale/be/LC_MESSAGES/wget.mo
/usr/share/locale/bg/LC_MESSAGES/wget.mo
/usr/share/locale/ca/LC_MESSAGES/wget.mo
/usr/share/locale/cs/LC_MESSAGES/wget.mo
/usr/share/locale/da/LC_MESSAGES/wget.mo
/usr/share/locale/de/LC_MESSAGES/wget.mo
/usr/share/locale/el/LC_MESSAGES/wget.mo
/usr/share/locale/en_GB/LC_MESSAGES/wget.mo
/usr/share/locale/eo/LC_MESSAGES/wget.mo
/usr/share/locale/es/LC_MESSAGES/wget.mo
/usr/share/locale/et/LC_MESSAGES/wget.mo
/usr/share/locale/eu/LC_MESSAGES/wget.mo
/usr/share/locale/fi/LC_MESSAGES/wget.mo
/usr/share/locale/fr/LC_MESSAGES/wget.mo
/usr/share/locale/ga/LC_MESSAGES/wget.mo
/usr/share/locale/gl/LC_MESSAGES/wget.mo
/usr/share/locale/he/LC_MESSAGES/wget.mo
/usr/share/locale/hr/LC_MESSAGES/wget.mo
/usr/share/locale/hu/LC_MESSAGES/wget.mo
/usr/share/locale/id/LC_MESSAGES/wget.mo
/usr/share/locale/it/LC_MESSAGES/wget.mo
/usr/share/locale/ja/LC_MESSAGES/wget.mo
/usr/share/locale/lt/LC_MESSAGES/wget.mo
/usr/share/locale/nb/LC_MESSAGES/wget.mo
/usr/share/locale/nl/LC_MESSAGES/wget.mo
/usr/share/locale/pl/LC_MESSAGES/wget.mo
/usr/share/locale/pt/LC_MESSAGES/wget.mo
/usr/share/locale/pt_BR/LC_MESSAGES/wget.mo
/usr/share/locale/ro/LC_MESSAGES/wget.mo
/usr/share/locale/ru/LC_MESSAGES/wget.mo
/usr/share/locale/sk/LC_MESSAGES/wget.mo
/usr/share/locale/sl/LC_MESSAGES/wget.mo
/usr/share/locale/sr/LC_MESSAGES/wget.mo
/usr/share/locale/sv/LC_MESSAGES/wget.mo
/usr/share/locale/tr/LC_MESSAGES/wget.mo
/usr/share/locale/uk/LC_MESSAGES/wget.mo
/usr/share/locale/vi/LC_MESSAGES/wget.mo
/usr/share/locale/zh_CN/LC_MESSAGES/wget.mo
/usr/share/locale/zh_TW/LC_MESSAGES/wget.mo
/usr/share/man/man1/wget.1.gz
9.4.rpm包升级
rpm -Uvh /PATH/TO/NEW_PACKAGE_FILE //如果装有老版本的,则升级;否则,则安装
[root@localhost ~]# rpm -ivh /mnt/Packages/wget-1.14-15.el7.x86_64.rpm
警告:/mnt/Packages/wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-15.el7 ################################# [100%]
[root@localhost ~]# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/wget-1.14-18.el7_6.1.x86_64.rpm
--2019-09-26 14:56:20-- http://mirror.centos.org/centos/7/os/x86_64/Packages/wget-1.14-18.el7_6.1.x86_64.rpm
正在解析主机 mirror.centos.org (mirror.centos.org)... 160.116.15.18, 2604:1380:3000:2800::1
正在连接 mirror.centos.org (mirror.centos.org)|160.116.15.18|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:560272 (547K) [application/x-rpm]
正在保存至: “wget-1.14-18.el7_6.1.x86_64.rpm”
100%[=========================================================================>] 560,272 121KB/s 用时 4.5s
2019-09-26 14:56:26 (121 KB/s) - 已保存 “wget-1.14-18.el7_6.1.x86_64.rpm” [560272/560272])
[root@localhost ~]# ls
a abc anaconda-ks.cfg dh dh.tar.bz2 test wget-1.14-18.el7_6.1.x86_64.rpm
[root@localhost ~]# rpm -Uvh wget-1.14-18.el7_6.1.x86_64.rpm
警告:wget-1.14-18.el7_6.1.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-18.el7_6.1 ################################# [ 50%]
正在清理/删除...
2:wget-1.14-15.el7 ################################# [100%]
[root@localhost ~]# rpm -qa|grep wget
wget-1.14-18.el7_6.1.x86_64
[root@localhost ~]# rpm -e wget
[root@localhost ~]# rpm -qa|grep wget
[root@localhost ~]# ld
ld:没有输入文件
[root@localhost ~]# ls
a abc anaconda-ks.cfg dh dh.tar.bz2 test wget-1.14-18.el7_6.1.x86_64.rpm
[root@localhost ~]# rpm -Uvh wget-1.14-18.el7_6.1.x86_64.rpm
警告:wget-1.14-18.el7_6.1.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-18.el7_6.1 ################################# [100%]
[root@localhost ~]# rpm -qa|grep wget
wget-1.14-18.el7_6.1.x86_64
rpm -Fvh /PATH/TO/NEW_PACKAGE_FILE //如果装有老版本的,则升级;否则,退出
[root@localhost ~]# rpm -e wget
[root@localhost ~]# rpm -qa|grep wget
[root@localhost ~]# ls
a abc anaconda-ks.cfg dh dh.tar.bz2 test wget-1.14-18.el7_6.1.x86_64.rpm
[root@localhost ~]# rpm -Fvh wget-1.14-18.el7_6.1.x86_64.rpm
警告:wget-1.14-18.el7_6.1.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
[root@localhost ~]# rpm -qa|grep wget
[root@localhost ~]# rpm -ivh /mnt/Packages/wget-1.14-15.el7.x86_64.rpm
警告:/mnt/Packages/wget-1.14-15.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-15.el7 ################################# [100%]
[root@localhost ~]# rpm -qa|grep wget
wget-1.14-15.el7.x86_64
[root@localhost ~]# ls
a abc anaconda-ks.cfg dh dh.tar.bz2 test wget-1.14-18.el7_6.1.x86_64.rpm
[root@localhost ~]# rpm -Fvh wget-1.14-18.el7_6.1.x86_64.rpm
警告:wget-1.14-18.el7_6.1.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:wget-1.14-18.el7_6.1 ################################# [ 50%]
正在清理/删除...
2:wget-1.14-15.el7 ################################# [100%]
[root@localhost ~]# rpm -qa|grep wget
wget-1.14-18.el7_6.1.x86_64
升级注意事项:
不要对内核做升级操作
Linux支持多内核版本并存,因此,可直接安装新版本内核
如果原程序包的配置文件安装后曾被修改,升级时,新版本提供的同一个配置文件并不会直接覆盖老版本的配置文件,而把新版本的文件重命名(FILENAME.rpmnew)后保留
9.5.rpm包卸载
//语法:rpm -e PACKAGE_NAME
//先查询, 然后卸载
[root@localhost ~]# rpm -qa|grep wget
wget-1.14-18.el7_6.1.x86_64
[root@localhost ~]# rpm -e wget
[root@localhost ~]# rpm -qa|grep wget
注意:如果其他包依赖于要卸载的包,这个被依赖的包是无法卸载的,除非强制卸载,强制卸载后依赖于这个包的其他程序将无法正常工作
9.6.rpm包校验
// 如果执行以下命令无内容输出说明此包未被修改过
[root@localhost ~]# rpm -ivh /mnt/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm
警告:/mnt/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID fd431d51: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:vsftpd-3.0.2-22.el7 ################################# [100%]
[root@localhost ~]# ls /etc/vsftpd/
ftpusers user_list vsftpd.conf vsftpd_conf_migrate.sh
[root@localhost ~]# rpm -V vsftpd
[root@localhost ~]# echo 'haha' >> /etc/vsftpd/vsftpd.conf
[root@localhost ~]# rpm -V vsftpd
S.5....T. c /etc/vsftpd/vsftpd.conf
9.7.rpm重建数据库
数据库信息在/var/lib/rpm目录中
rpm --rebuilddb //重建数据库,一定会重新建立
rpm --initdb //初始化数据库,没有才建立,有就不用建立
[root@localhost ~]# ls /var/lib/rpm
Basenames __db.001 __db.003 Group Name Packages Requirename Sigmd5
Conflictname __db.002 Dirnames Installtid Obsoletename Providename Sha1header Triggername
[root@localhost ~]# rpm --rebuliddb
rpm: --rebuliddb: 未知的选项
[root@localhost ~]# rpm --rebuilddb
[root@localhost ~]# ls /var/lib/rpm
Basenames Dirnames Installtid Obsoletename Providename Sha1header Triggername
Conflictname Group Name Packages Requirename Sigmd5
[root@localhost ~]# rm -rf /var/lib/rpm/*
[root@localhost ~]# ls /var/lib/rpm
[root@localhost ~]# rpm --initdb
[root@localhost ~]# ls /var/lib/rpm
Basenames __db.001 __db.003 Group Name Packages Requirename Sigmd5
Conflictname __db.002 Dirnames Installtid Obsoletename Providename Sha1header Triggername
9.8.检查软件包来源合法性和完整性
加密类型:
对称加密 //加密解密使用同一个密钥
公钥加密 //一对密钥,公钥和私钥。公钥隐含于私钥中,可以提取出来并公布出去
单向加密 //只能加密不能解密
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release //红帽官方公钥
rpm -K PACKAGE_FILE //检查指定包有无密钥信息
dsa,gpg //验证来源合法性,也即验证签名。可以使用--nosignatrue略过此项
sha1,md5 //验证软件包完整性。可以使用--nodigest略过此项
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release //导入密钥文件
CentOS 7发行版光盘提供的密钥文件 //RPM-GPG-KEY-CentOS-7