rpm is the command used to install, uninstall and query packages. To install a package the simplest way would be with the command:

# rpm -i package-version-arch.rpm

The “-i” flag installs the package if it is not already installed. We can also use…

# rpm -U package-version-arch.rpm

… and then we would be installing the package or upgrading it to a higher version if an older version is already installed. Finally, we can upgrade a package if it is installed or do nothing if it isn’t:

# rpm -F package-version-arch.rpm

To uninstall a package we use the “-e” flag:

# rpm -e package-version-arch.rpm

All the commands above work only provided the dependency checks are passed. If a package install requires the existence of another package that is not there, the install will fail with a message explaining the failed dependency. The same way, if removing a package means that another package will stop working, the uninstall will fail. We can override that behaviour by using the “–force” option if we are sure about what we are doing!

With rpm we can install packages that are remotely located. For instance we could run the following command provided we had access to the remote system:

# rpm -ivh ftp://ftp.bogomips.net/pub/rhel7/inst/zip-3.0-10.el7.x86_64.rpm
# rpm -ivh ftp://marc:password@ftp.bogomips.net/pub/rhel7/inst/zip-3.0-10.el7.x86_64.rpm

We can use some more advanced options when installing packages bearing in mind that we might end up breaking those packages and the system. So beware! Some of those non-default installation tweaks are:

--allfiles     Installs or upgrades all the missingok files in the package, regardless if they exist. 

--excludepath OLDPATH  Don’t install files whose name begins with OLDPATH.

--excludedocs  Don’t install any files which are marked as documentation (man pages + texinfo docs).

--force        Same as using --replacepkgs, --replacefiles, and --oldpackage.

--ignoresize   Don’t check mount file systems for sufficient disk space before installing this package.

--justdb       Update only the database, not the filesystem.

--nodigest     Don’t verify package or header digests when reading.

--nosignature  Don’t verify package or header signatures when reading.

--nodeps       Don’t do a dependency check before installing or upgrading a package.

--nosuggest    Don’t suggest package(s) that provide a missing dependency.

--noorder      Don’t reorder the packages for an install. The list of packages would normally be reordered to satisfy dependencies.

--oldpackage   Allow an upgrade to replace a newer package with an older one.

--replacefiles Install the packages even if they replace files from other, already installed, packages.

--replacepkgs  Install the packages even if some of them are already installed on this system.

--test         Do not install the package, simply check for and report potential conflicts.

--noscripts, --nopre, --nopost, --nopreun, --nopostun   Don’t execute the scriptlet of the same name. The --noscripts option is equivalent to the other 4 options together and turns off the execution of the corresponding %pre, %post, %preun, and %postun scriptlet(s).

--notriggers, --notriggerin, --notriggerun, --notriggerpostun    Don’t execute any trigger scriptlet of the named type. The --notriggers option is equivalent to the other 4 options together and turns off execution of the corresponding %triggerin, %triggerun, and %triggerpostun scriptlet(s).

--prefix NEWPATH   For relocateable binary packages, translate all file paths that start with the installation prefix in the package relocation hint(s) to NEWPATH.

--relocate OLDPATH=NEWPATH   For relocatable binary packages, translate all file paths that start with OLDPATH in the package relocation hint(s) to NEWPATH. This option can be used repeatedly if several OLDPATH‘s in the package are to be relocated.


To query all the packages installed on the system we can use:

# rpm -qa                             → list of rpm packages currently installed
# rpm –file /etc/sthg.conf           → shows the package that owns the given file
# rpm -qi package-version-arch.rpm    → shows name, version & description of rpm
# rpm -ql package-version-arch.rpm    → shows all files that belong to rpm
# rpm -qs package-version-arch.rpm    → shows the state (normal, not installed, replaced) of all files in rpm

One of the most useful query capabilities of rpm is the ability of comparing the status of all the files belonging to a package against an a downloaded RPM.

# rpm –verify -p rpmbuild/RPMS/i686/vsftpd-2.2.2-1.el6.i686.rpm
…….T. c /etc/logrotate.d/vsftpd
SM5DLUGTP c /etc/pam.d/vsftpd

The last parameter is obviously the file in question. The character before it can be a ‘c’ (configuration file), ‘d’ (documentation) or (something else).

The first 9 characters show the possible differences between the installed files and what the RPM says they should be:

S → size

M → permisssions or file type

5 → MD5

D → device major/minor number mismatch

L → readlink path mismatch

U → user ownership

G → group ownership

T → modification time

P → capabilities


As a side note, we should never run…

# rpm -U newkernel

… overwrites and updates the current kernel!!!

Instead we should always run:

# [ yum | dnf ] install kernel

If something goes wrong with the new kernel, we can always go back to GRUB and boot using the old kernel.

<< patching             yum >>