每天学五分钟 Liunx 0010 | 软件篇: RPM 和 YUM
1. RPM
RPM(RedHat Package Manager),顾名思义是 RedHat 的软件包管理器。它遵循 GPL 规则且功能强大好用,从而逐渐运用到其它 Liunx 发行版中,包括 Fedora,CentOS 等。通过 RPM 可以很方便的查询,升级和安装软件包。
厂商提供软件时,会预先将软件编译打包成 RPM 包,其中包含预先检测系统和依赖软件的脚本等。用户使用对应的 RPM 包安装软件,在安装时 RPM 首先检测用户环境,依赖软件是否安装等信息,检测通过即开始安装软件。软件安装完成后,软件的相关信息会写到 /var/lib/rpm 目录下的数据库文件中,以后对软件的操作都会先到这个数据库文件中查询。
2. RPM 命令
以安装 xterm 软件为例,介绍 RPM 命令。
RPM 查询:
[root@test packages]# rpm -q[a|i|l|c|R|f] # a: 列出所有已经安装的软件 # i: 列出软件的详细信息 # l: 列出软件所有的文件与目录所在的完整文件名 # c: 列出软件的设置文件 # R:列出软件有关的依赖软件所包含的文件 # f: 列出该文件属于哪个软件 [root@test packages]# rpm -qa | grep xterm
RPM 安装:
[root@test packages]# rpm -ivh package_name
# i: install
# v: 打印详细的安装信息
# h: 安装信息栏的方式显示安装进度
[root@test packages]# rpm -ivh xterm-295-3.el7.x86_64.rpm Preparing... ################################# [100%] Updating / installing... 1:xterm-295-3.el7 ################################# [100%]
RPM 验证:
前面提到软件完成之后,软件信息会记录到 /var/lib/rpm 目录下的数据库文件中。如果更改软件相关文件或者删除软件相关配置文件时,通过 RPM 命令的 -V 选项即可验证软件的哪些文件改动了,验证的方式就是将当前系统软件文件与数据库文件进行比较。
[root@test packages]# rpm -V[a|f] # V: 后接软件名称,如果有文件改动则列出 # a: 列出系统所有可能被改动过的文件 # f: 后接文件,列出该文件是否被改动过 [root@test packages]# rpm -ql xterm ... /usr/share/doc/xterm-295/THANKS ... [root@test packages]# echo "thanks for you, xterm" >> /usr/share/doc/xterm-295/THANKS [root@test packages]# rpm -V xterm S.5....T d /usr/share/doc/xterm-295/THANKS
可以看到,验证的输出有 S.5....T. 8 个字符,其中每个字符表示的意思是:
S: 文件的容量被改变;
M: 文件的类型被改变;
5: MD5 码被改变;
D: 设备的主/次码被改变;
L: Link 路径被改变;
U: 文件的所有者被改变;
G: 文件的所属用户组被改变;
T: 文件的创建时间被改变;
另外,第二项的 d 表示文件的类型是文档,除了 d 还有 c 表示配置文件,l license 文件,r readme 文件, g ghost 文件。
除了上面验证文件更改的方式,还有一种用数字证书 (gpg-key) 验证 rpm 包的方式。厂商发布 RPM 包时,会将 RPM 包的公钥提供给用户,用户在安装 RPM 包时, rpm 命令会将此公钥与 RPM 包的密钥信息作对比,如果一致,则予以下载,反之则给予警告并停止安装。
[root@test packages]# cd /etc/pki/rpm-gpg/ [root@test rpm-gpg]# ls RPM-GPG-KEY-redhat-beta RPM-GPG-KEY-redhat-legacy-former RPM-GPG-KEY-redhat-legacy-release RPM-GPG-KEY-redhat-legacy-rhx RPM-GPG-KEY-redhat-release [root@test rpm-gpg]# ll RPM-GPG-KEY-redhat-beta -rw-r--r--. 1 root root 3375 Sep 27 2016 RPM-GPG-KEY-redhat-beta [root@test rpm-gpg]# cat RPM-GPG-KEY-redhat-beta -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.2.6 (GNU/Linux) mQINBEmkAzABEAC2/c7bP1lHQ3XScxbIk0LQWe1YOiibQBRLwf8Si5PktgtuPibT kKpZjw8p4D+fM7jD1WUzUE0X7tXg2l/eUlMM4dw6XJAQ1AmEOtlwSg7rrMtTvM0A BEtI7Km6fC6sU6RtBMdcqD1cH/6dbsfh8muznVA7UlX+PRBHVzdWzj6y8h84dBjo gzcbYu9Hezqgj/lLzicqsSZPz9UdXiRTRAIhp8V30BD8uRaaa0KDDnD6IzJv3D9P xQWbFM4Z12GN9LyeZqmD7bpKzZmXG/3drvfXVisXaXp3M07t3NlBa3Dt8NFIKZ0D FRXBz5bvzxRVmdH6DtkDWXDPOt+Wdm1rZrCOrySFpBZQRpHw12eo1M1lirANIov7 ********************************************************************** -----END PGP PUBLIC KEY BLOCK----- [root@test rpm-gpg]# [root@test rpm-gpg]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta # 导入公钥到 RPM
RPM 卸载:
[root@test packages]# rpm -e # e: erase [root@test packages]# rpm -qa | grep xterm xterm-295-3.el7.x86_64 [root@test packages]# rpm -e xterm [root@test packages]# rpm -qa | grep xterm [root@test packages]#
RPM 卸载要注意考虑软件依赖性问题,从上到下依次卸载!
当然,RPM 的缺点也是很明显的,如前说述,安装 RPM 包时,RPM 会去检查软件的依赖 rpm 包,如果依赖包没有安装则停止安装软件。需要将依赖的软件包事先装好,然后才能安装,很麻烦。为了解决这种依赖包安装的问题,YUM 在线升级安装的机制就应运而生。
3. YUM
YUM(Yellow dog Updater,Modified),是基于 rpm 包的软件管理器,它可以从指定服务器下载 rpm 包并且安装,而且它可以自动处理软件依赖关系,也可以方便的对软件进行查询,更新等操作。
4. YUM 工作原理
客户端在下载软件时,根据自带的 repo 文件到指定的 YUM 服务器下载清单列表,清单列表记录了软件的信息以及软件依赖关系等。清单列表和实际软件组成了软件仓库 repository。客户端将清单列表下到本地,再和本地 rpm 的数据库比较,如果发现需要下载的软件不在本地或者本地没有依赖包时会到 YUM 服务器中下载相应的软件包。同时,因为有了本地数据库和清单列表,也就知道哪些软件可以做 update 了。
5. YUM 命令
|
Individual packages
|
list
|
List package names from repositories
yum list available
List all available packages
yum list installed
List all installed packages
yum list all
List installed and available packages
yum list kernel
List installed and available packages
|
|
info
|
Dispaly information about a package
yum info vsftpd
List info about vsftpd package
|
|
|
deplist
|
Display dependencies for a package
yum deplist nfs-utils
List dependencies and packages providing them
|
|
|
provides
|
Find packages that provide the queried file
yum provides "*bin/top"
Show package that contains top command
yum provides "*/README.top"
Show package containing README.top file
|
|
|
search
|
Search package names and descriptions for a term
yum search samba
Find packages with samba in name or description
|
|
|
updateinfo
|
Get information about available package updates
yum updateinfo security
Get into on available security updates
|
|
|
Grups of packages
|
grouplist
|
List names of installed and available package groups
|
|
groupinfo
|
Display description and contents of a package group
yum groupinfo "Web Server"
See packages in Web Server group
|
|
|
check-update
|
Query repositories for available package updates
|
|
|
groupinstall
|
install all packages in the selected group
yum groupinstall "Web Server"
Install Web Server packages
|
|
|
YUM repositories
|
repolist
|
Display enabled software repositories
|
|
repoinfo
|
Display information about enabled yum repositories
yum repoinfo rhel-7-server-RPMs
see info on rhel-7-server-rpms repo
|
|
|
makecache
|
Download yum repository data to cache
|
|
|
Install/Remove/Update packages with YUM
|
install
|
Install a package from a repo to system
yum install vsftpd
install the vsftpd package
|
|
update
|
update one or all packages on system
yum update
update all packages with available updates
yum update httpd
update the httpd package(if available)
|
|
|
update-to
|
update package to a particular version
|
|
|
upgrade
|
update packages taking obsoletes into account
|
|
|
localinstall
|
install a package from a local file,http,or ftp
yum localinstall abc.i386.rpm
install abc package from local directory
yum localinstall http://myrepo/abc.i386.rpm
install abc from FTP site
|
|
|
downgrade
|
Downgrade a package to an earlier version
yum downgrade abc
Downgrade the abc package to an earlier version
|
|
|
reinstall
|
reinstall the current version of a package
yum reinstall util-liunx
reinstall util-liunx
|
|
|
swap
|
remove one package and install another
yum swap ftp lftp
remove ftp package and install lftp
|
|
|
erase
|
Erase a package
yum remove vsftpd
remove the vsftpd package and dependencies
|
|
|
remove
|
same with erase
|
|
|
Troubleshooting
|
check
|
Check the local RPM database for problems
|
|
history
|
View and use yum transactions
yum history list
List all yum install,update and erase actions
yum history info 3
show details of yum transaction 3
|
|
|
clean
|
clear out cached package data
yum clean packages
Delete packages saved in cache
yum clean all
Clean out all packages and meta data from cache
|
|
|
YUM related command(install yum-utils)
|
reposync
|
Synchronize yum repositories to a local directory
reposync -r rhel-atomic-host-beta-rpms
Get packages from repo
|
|
options for YUM commands
|
-y
|
Assume yes if prompted
|
|
-v
|
produce extra debugging output
|
|
|
--downloadonly
|
Download to /var/cache/yum/arch/prod/repo/packages/,but dot't install
yum install --downlaodonly vsftpd
Download vsftpd package to cache
|
6. YUM 实践
同使用 RPM 安装 xterm 软件的方式类似,这里使用 yum 的方式安装软件 xterm:
[root@test ~]# yum repolist all Loaded plugins: product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. repo id repo name status osp7_server Red Hat Enterprise Linux Open Stack 7 Packages enabled: 954 osp_optools_server Red Hat Enterprise Linux Open Stack Tools Packages disabled osp_tools_server Red Hat Enterprise Linux Open Stack Tools Packages disabled rhel-common Red Hat Enterprise Linux 7.3 X86_64 Server Extra Packages enabled: 228 rhel-extras Red Hat Enterprise Linux 7.3 X86_64 Server Extra Packages enabled: 465 rhel-optional Red Hat Enterprise Linux 7.3 X86_64 Server Extra Packages disabled rhel-server Red Hat Enterprise Linux 7.3 X86_64 Server Packages enabled: 14,275 repolist: 15,922 [root@test ~]# yum list installed | grep xterm [root@test ~]# yum list available | grep xterm xterm.x86_64 295-3.el7 rhel-server [root@test ~]# yum clean all Loaded plugins: product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Cleaning repos: osp7_server rhel-common rhel-extras rhel-server Cleaning up everything [root@test ~]# yum install xterm Loaded plugins: product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Bad id for repo: <repo_file_name>, byte = < 0 osp7_server | 2.9 kB 00:00:00 rhel-common | 2.9 kB 00:00:00 rhel-extras | 2.9 kB 00:00:00 rhel-server | 2.9 kB 00:00:00 (1/4): rhel-common/primary_db | 102 kB 00:00:01 (2/4): rhel-extras/primary_db | 184 kB 00:00:01 (3/4): osp7_server/primary_db | 427 kB 00:00:02 (4/4): rhel-server/primary_db | 27 MB 00:00:37 Resolving Dependencies --> Running transaction check ---> Package xterm.x86_64 0:295-3.el7 will be installed --> Processing Dependency: libXt.so.6()(64bit) for package: xterm-295-3.el7.x86_64 --> Processing Dependency: libXmu.so.6()(64bit) for package: xterm-295-3.el7.x86_64 --> Processing Dependency: libXaw.so.7()(64bit) for package: xterm-295-3.el7.x86_64 --> Running transaction check ---> Package libXaw.x86_64 0:1.0.12-5.el7 will be installed ---> Package libXmu.x86_64 0:1.1.2-2.el7 will be installed ---> Package libXt.x86_64 0:1.1.4-6.1.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================== Installing: xterm x86_64 295-3.el7 rhel-server 455 k Installing for dependencies: libXaw x86_64 1.0.12-5.el7 rhel-server 190 k libXmu x86_64 1.1.2-2.el7 rhel-server 71 k libXt x86_64 1.1.4-6.1.el7 rhel-server 173 k Transaction Summary ============================================================================================================================================================== Install 1 Package (+3 Dependent packages) Total download size: 889 k Installed size: 2.3 M Is this ok [y/d/N]: y Downloading packages: (1/4): libXaw-1.0.12-5.el7.x86_64.rpm | 190 kB 00:00:01 (2/4): libXt-1.1.4-6.1.el7.x86_64.rpm | 173 kB 00:00:00 (3/4): libXmu-1.1.2-2.el7.x86_64.rpm | 71 kB 00:00:01 (4/4): xterm-295-3.el7.x86_64.rpm | 455 kB 00:00:00 -------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 329 kB/s | 889 kB 00:00:02 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : libXt-1.1.4-6.1.el7.x86_64 1/4 Installing : libXmu-1.1.2-2.el7.x86_64 2/4 Installing : libXaw-1.0.12-5.el7.x86_64 3/4 Installing : xterm-295-3.el7.x86_64 4/4 Verifying : libXaw-1.0.12-5.el7.x86_64 1/4 Verifying : libXmu-1.1.2-2.el7.x86_64 2/4 Verifying : libXt-1.1.4-6.1.el7.x86_64 3/4 Verifying : xterm-295-3.el7.x86_64 4/4 Installed: xterm.x86_64 0:295-3.el7 Dependency Installed: libXaw.x86_64 0:1.0.12-5.el7 libXmu.x86_64 0:1.1.2-2.el7 libXt.x86_64 0:1.1.4-6.1.el7 Complete! [root@test ~]# yum remove xterm Loaded plugins: product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Bad id for repo: <repo_file_name>, byte = < 0 Resolving Dependencies --> Running transaction check ---> Package xterm.x86_64 0:295-3.el7 will be erased --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================== Removing: xterm x86_64 295-3.el7 @rhel-server 1.2 M Transaction Summary ============================================================================================================================================================== Remove 1 Package Installed size: 1.2 M Is this ok [y/N]: y Downloading packages: Running transaction check Running transaction test Transaction test succeeded Running transaction Erasing : xterm-295-3.el7.x86_64 1/1 Verifying : xterm-295-3.el7.x86_64 1/1 Removed: xterm.x86_64 0:295-3.el7 Complete! [root@test ~]# yum install -y xterm Loaded plugins: product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Resolving Dependencies --> Running transaction check ---> Package xterm.x86_64 0:295-3.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================== Installing: xterm x86_64 295-3.el7 rhel-server 455 k Transaction Summary ============================================================================================================================================================== Install 1 Package Total download size: 455 k Installed size: 1.2 M Downloading packages: xterm-295-3.el7.x86_64.rpm | 455 kB 00:00:01 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : xterm-295-3.el7.x86_64 1/1 Verifying : xterm-295-3.el7.x86_64 1/1 Installed: xterm.x86_64 0:295-3.el7 Complete!
yum clean all 之后再下载软件包速度会变慢,因为缓存被清掉了。第二次再下载 xterm 包的时候速度就会快很多,因为这时候有缓存了。同时,第一次下载软件包的时候,相应的依赖包也会下载,remove 软件包 xterm 时,依赖包并没有 remove,所以第二次安装时只需要安装一个 xterm rpm 包即可。
7. YUM 配置
前面 yum repolist 列了好几个 repo,那么这些 repo 是在哪里配置的呢?
YUM 的 repo 配置是在 /etc/yum.repos.d/ 文件夹下配置的,文件下的 repo 文件以 .repo 结尾:
[root@test yum.repos.d]# ll /etc/yum.repos.d/ total 12 -rw-r--r--. 1 root root 1563 Mar 30 2019 lianhuasheng.repo -rw-r--r--. 1 root root 358 Mar 30 2019 redhat.repo
打开文件 lianhuasheng.repo 看看里面的内容:
## RHEL ### [rhel-server] name=Red Hat Enterprise Linux 7.3 X86_64 Server Packages # mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge baseurl=http://10.57.0.1:80/rhel-7/rhel-x86_64-server-7 http://10.57.217.11:80/rhel-7/rhel-x86_64-server-7 gpgcheck=0 enabled=1 failovermethod=priority [rhel-extras] name=Red Hat Enterprise Linux 7.3 X86_64 Server Extra Packages # mirrorlist = http://apt.sw.be/redhat/$releasever/en/mirrors-rpmforge baseurl=http://10.57.0.1:80/rhel-7/rhel-x86_64-server-extras-7/ gpgcheck=1 enabled=1 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY exclude=cfengine nx-libs nxproxy nxagent libNX* libXcomp* perl-App-Daemon ...
各参数的意义如下:
rhel-server: repo 的 id,中括号不能少。id 是唯一的,否则 yum 不知道该用哪个 id 下载软件包和清单列表。
name: repo 的名字。
baseurl: 后接的是固定的 repo 地址,baseurl 可以接多个 url 地址,参数 failovermethod 设置多个 url 的策略,它有两个值 priority 和 roundrobin,priority 表示根据 url 顺序从第一个开始选,roundrobin 则是随机选择 url,如果连接失败了则选下一个。
enable: repo 是启动的,让 repo不启动可将 enable 设为 0。
gpgcheck: 是否验证 RPM 证书,设为 0 表示不验证,设为 1 则表示验证证书,同时使用 gpgkey 参数指明需要验证的证书位置。
mirrorlist: 列出容器使用的镜像网址,yum 会自行取找镜像网址。
exclude: 指定的软件不能升级和安装,* 表示通配符。
除了 repo 的配置文件之外,还有一个 YUM 的配置文件 yum.conf,在 /etc/ 目录下:
[root@test yum.repos.d]$ cat /etc/yum.conf [main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=1 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=5 pkgpolicy=newest proxy=http://10.0.0.1:8080/
主要参数意义如下:
cachedir: yum 缓存的目录,在此目录下存下载的 rpm 包和数据库(yum 的数据库和 rpm 的数据库是有关联的,yum 下载的软件包使用 rpm 命令也可以 list 出来)。默认配置为 /var/cache/yum。
keepcache: 安装完成是否保留软件包,0 为不保留,1 为保留。
exactarch: 值为 1,则 yum 只会安装和系统架构匹配的软件包。例如,yum 不会将 i686 的软件包安装在 i386 的系统架构中。反之设为 0 则会安装。
logfile: yum 日志文件位置。
obsoleters: 设为 1 则表示允许更新老的 RPM 包。
gpgcheck: 做证书验证。
plugins: 是否启用插件, 1 表示启用。
pkgpolicy:如果设置了多个 repository,而同一软件在不同的 repository 中同时存在,yum 应该安装哪一个。可通过 pkgpolicy 指定,它有两个值 newest 和 last,newest 表示 yum 会安装最新的版本。如果是 last 的话,yum 会将服务器 id 以字母表顺序排序,然后选择最后的那个服务器上的软件安装。如果软件的版本在多个 repo 中都是一样的,yum 只会列出一个 repo 的软件。
YUM 中的变量:
$releasever: 代表发行版的版本,从 [main] 部分的 distroverpkg 获取(yum.conf 文件),如果没有,则根据 redhat-release 包进行判断。
$arch:cpu 架构,如 i686,athlon 等
$basearch:cpu 基本架构组,如 i686 和 athlon 同属 i386,alpha 和 alphaev6 同属 alpha。
8. 配置国内 YUM 源
配置官方的 yum 源需要向订阅注册(收费的),同时还会有下载不稳定的问题。可以配置国内的 YUM 源快速安装软件。
中国科学技术大学 YUM 源:
# CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [base] name=CentOS-$releasever - Base - mirrors.ustc.edu.cn baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/os/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os gpgcheck=1 gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-5 #released updates [updates] name=CentOS-$releasever - Updates - mirrors.ustc.edu.cn baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/updates/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates gpgcheck=1 gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-5 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras - mirrors.ustc.edu.cn baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/extras/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras gpgcheck=1 gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-5 #packages used/produced in the build but not released [addons] name=CentOS-$releasever - Addons - mirrors.ustc.edu.cn baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/addons/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus - mirrors.ustc.edu.cn baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/centosplus/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus gpgcheck=1 enabled=0 gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-5 #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib - mirrors.ustc.edu.cn baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/contrib/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib gpgcheck=1 enabled=0 gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-5
如果连接不上需要注意检查是不是代理的问题,中科大源地址可点这里。
(完)
芝兰生于空谷,不以无人而不芳。
