RPM Package Manager

(Redirected from Rpm (software))

RPM Package Manager (RPM) (originally Red Hat Package Manager, now a recursive acronym) is a free and open-source package management system.[6] The name RPM refers to the .rpm file format and the package manager program itself. RPM was intended primarily for Linux distributions; the file format is the baseline package format of the Linux Standard Base.

RPM Package Manager (RPM)
Original author(s)Erik Troan, Marc Ewing,[1] Red Hat
Developer(s)Community & Red Hat[2][3]
Initial release1997; 27 years ago (1997)[1]
Stable release
4.20 / 7 October 2024; 44 days ago (2024-10-07)
Repository
Written inC, Perl[4]
Operating systemLinux, Unix-like
Available in40 languages[5]
TypePackage management system
LicenseGPL
Websiterpm.org

Although it was created for use in Red Hat Linux, RPM is now used in many Linux distributions such as PCLinuxOS, Fedora Linux, AlmaLinux, CentOS, openSUSE, OpenMandriva and Oracle Linux. It has also been ported to some other operating systems, such as Novell NetWare (as of version 6.5 SP3), IBM's AIX (as of version 4),[7] IBM i,[8] and ArcaOS.[9]

An RPM package can contain an arbitrary set of files. Most RPM files are "binary RPMs" (or BRPMs) containing the compiled version of some software. There are also "source RPMs" (or SRPMs) containing the source code used to build a binary package. These have an appropriate tag in the file header that distinguishes them from normal (B)RPMs, causing them to be extracted to /usr/src on installation. SRPMs customarily carry the file extension ".src.rpm" (.spm on file systems limited to 3 extension characters, e.g. old DOS FAT).

History

edit

RPM was originally written in 1997 by Erik Troan and Marc Ewing,[1] based on pms, rpp, and pm experiences.

pm was written by Rik Faith and Doug Hoffman in May 1995 for Red Hat Software, its design and implementations were influenced greatly by pms, a package management system by Faith and Kevin Martin in the fall of 1993 for the Bogus Linux Distribution. pm preserves the "Pristine Sources + patches" paradigm of pms, while adding features and eliminating arbitrary limitations present in the implementation. pm provides greatly enhanced database support for tracking and verifying installed packages.[4][10][11]

Features

edit

For a system administrator performing software installation and maintenance, the use of package management rather than manual building has advantages such as simplicity, consistency and the ability for these processes to be automated and non-interactive. rpm uses Berkeley DB as the backend database although since 4.15 in 2019, it supports building rpm packages without Berkeley DB (–disable-bdb).[12]

Features of RPM include:

  • RPM packages can be cryptographically verified with GPG and MD5
  • Original source archive(s) (e.g. .tar.gz, .tar.bz2) are included in SRPMs, making verification easier
  • Delta update: PatchRPMs and DeltaRPMs, the RPM equivalent of a patch file, can incrementally update RPM-installed software
  • Automatic build-time dependency evaluation.

Local operations

edit

Packages may come from within a particular distribution (for example Red Hat Enterprise Linux) or be built for it by other parties (for example RPM Fusion for Fedora Linux).[13] Circular dependencies among mutually dependent RPMs (so-called "dependency hell") can be problematic;[14] in such cases a single installation command needs to specify all the relevant packages.

Repositories

edit

RPMs are often collected centrally in one or more repositories on the internet. A site often has its own RPM repositories which may either act as local mirrors of such internet repositories or be locally maintained collections of useful RPMs.

Front ends

edit

Several front-ends to RPM ease the process of obtaining and installing RPMs from repositories and help in resolving their dependencies. These include:

Local RPM installation database

edit

Working behind the scenes of the package manager is the RPM database, stored in /var/lib/rpm. It uses Berkeley DB as its back-end. It consists of a single database (Packages) containing all of the meta information of the installed RPMs. Multiple databases are created for indexing purposes, replicating data to speed up queries. The database is used to keep track of all files that are changed and created when a user (using RPM) installs a package, thus enabling the user (via RPM) to reverse the changes and remove the package later. If the database gets corrupted (which is possible if the RPM client is killed), the index databases can be recreated with the rpm --rebuilddb command.[17]

Description

edit

Whilst the RPM format is the same across different Linux distributions, the detailed conventions and guidelines may vary across them.

Package filename and label

edit

An RPM is delivered in a single file, normally with a filename in the format:

<name>-<version>-<release>.src.rpm for source packages, or
<name>-<version>-<release>.<architecture>.rpm for binaries.

For example, in the package filename libgnomeuimm-2.0-2.0.0_3.i386.rpm, the <name> is libgnomeuimm, the <version> is 2.0, the <release> is 2.0.0_3, and the <architecture> is i386. The associated source package would be named libgnomeuimm-2.0-2.0.0_3.src.rpm

RPMs with the noarch.rpm extension do not depend on a particular CPU architecture. For example, these RPMs may contain graphics and text for other programs to use. They may also contain shell scripts or programs written in other interpreted programming languages such as Python.

The RPM contents also include a package label, which contains the following pieces of information:

  • software name
  • software version (the version taken from original upstream source of the software)
  • package release (the number of times the package has been rebuilt using the same version of the software). This field is also often used for indicating the specific distribution the package is intended for by appending strings like "mdv" (formerly, "mdk") (Mandriva Linux), "mga" (Mageia), "fc4" (Fedora Core 4), "rh9" (Red Hat Linux 9), "suse100" (SUSE Linux 10.0) etc.
  • architecture for which the package was built (i386, i686, x86_64, ppc, etc.)

The package label fields do not need to match the filename.

Library packaging

edit

Libraries are distributed in two separate packages for each version. One contains the precompiled code for use at run-time, while the second one contains the related development files such as headers, etc. Those packages have "-devel" appended to their name field. The system administrator should ensure that the versions of the binary and development packages match.

Binary format

edit

The format is binary and consists of four sections:[6]

  • The lead, which identifies the file as an RPM file and contains some obsolete headers.
  • The signature, which can be used to ensure integrity and/or authenticity.
  • The header, which contains metadata including package name, version, architecture, file list, etc.
  • A file archive (the payload), which usually is in cpio format, compressed with gzip. The rpm2cpio tool enables retrieval of the cpio file without needing to install the RPM package.[18]
    • The Linux Standard Base requires the use of gzip, but Fedora 30 packages are xz-compressed and Fedora 31 packages might be zstd-compressed.[19] Recent versions of RPM can also use bzip2, lzip,[20] or lzma compression.
    • RPM 5.0 format supports using xar for archiving.

SPEC file

edit

The "Recipe" for creating an RPM package is a spec file. Spec files end in the ".spec" suffix and contain the package name, version, RPM revision number, steps to build, install, and clean a package, and a changelog. Multiple packages can be built from a single RPM spec file, if desired. RPM packages are created from RPM spec files using the rpmbuild tool.

Spec files are usually distributed within SRPM files, which contain the spec file packaged along with the source code.

SRPM

edit

A typical RPM is pre-compiled software ready for direct installation. The corresponding source code can also be distributed. This is done in an SRPM, which also includes the "SPEC" file describing the software and how it is built. The SRPM also allows the user to compile, and perhaps modify, the code itself.

A software package could contain only platform independent scripts. In such a case, the developer could provide only an SRPM, which is still an installable RPM.

NOSRC

edit

This is a special version of SRPM. It contains "SPEC" file and optionally patches, but does not include sources (usually because of license).[21]

Forks

edit

As of June 2010, there are two versions of RPM in development: one led by the Fedora Project and Red Hat, and the other by a separate group led by a previous maintainer of RPM, a former employee of Red Hat.

RPM.org

edit

The rpm.org community's first major code revision was in July 2007; version 4.8 was released in January 2010, version 4.9 in March 2011, 4.10 in May 2012, 4.11 in January 2013, 4.12 in September 2014 and 4.13 in July 2015.

This version is used by distributions such as Fedora Linux, Red Hat Enterprise Linux and derivatives, openSUSE, SUSE Linux Enterprise, Unity Linux, Mageia,[22] OpenEmbedded, Tizen and OpenMandriva Lx (formerly Mandriva).

RPM v5 (Defunct)

edit

Jeff Johnson, the RPM maintainer since 1999, continued development efforts together with participants from several other distributions. RPM version 5 was released in May 2007.

This version was used by distributions such as Wind River Linux (until Wind River Linux 10), Rosa Linux, and OpenMandriva Lx (former Mandriva Linux which switched to rpm5 in 2011[23]) and also by the OpenPKG project which provides packages for other common UNIX-platforms.

OpenMandriva Lx has switched back to rpm.org[24] for 4.0 release.[needs update]

OpenEmbedded, the last major user of RPM5, switched back to rpm.org due to issues in RPM5.[25][26]

See also

edit

References

edit
  1. ^ a b c "RPM timeline". rpm.org. Retrieved 2020-06-25.
  2. ^ "RPM -- plans, goals, etc". Max Spevack. Archived from the original on 2012-10-06. Retrieved 2011-01-20.
  3. ^ "RPM.org FAQ". Archived from the original on 2016-11-05. Retrieved 2013-08-25.
  4. ^ a b Bailey, Edward C. (2000). "Chapter 1: An Introduction to Package Management". Maximum RPM: Taking the Red Hat Package Manager to the Limit. Red Hat, Inc. pp. 22–25. ISBN 978-1888172782. Archived from the original on 2016-09-10. Retrieved 2013-08-13.
  5. ^ "po/LINGUAS". GitHub. 2022-04-23. Archived from the original on 2022-04-23. Retrieved 2022-04-23.
  6. ^ a b Bailey, Edward C. (2000). "Appendix A: Format of the RPM File". Maximum RPM: Taking the Red Hat Package Manager to the Limit. Red Hat, Inc. pp. 325–336. ISBN 978-1888172782. Archived from the original on 2016-04-21. Retrieved 2010-11-22.
  7. ^ "Configuring YUM and creating local repositories on IBM AIX". 2018-10-24. Archived from the original on 2020-10-03. Retrieved 2020-09-03.
  8. ^ "RPM and Yum are a big deal for IBM i. Here's why". 2018-07-18. Archived from the original on 2019-06-29. Retrieved 2020-09-03.
  9. ^ "Package Manager". Archived from the original on 2016-03-25. Retrieved 2020-09-04.
  10. ^ "RPM Guide-RPM - Design Goals". Archived from the original on 2014-03-21. Retrieved 2014-04-14.
  11. ^ "BOGUS Announce". Archived from the original on 2013-11-04. Retrieved 2014-04-14.
  12. ^ "rpm4 was support for building rpm without Berkeley DB (–disable-bdb)". The FreeBSD Forums. 2020-01-29. Archived from the original on 2024-02-23. Retrieved 2023-09-18.
  13. ^ "RPM Fusion". rpmfusion.org. Archived from the original on 2019-02-11. Retrieved 2010-11-22.
  14. ^ "An Analysis of RPM Validation Drift" (PDF). USENIX Association. Archived (PDF) from the original on 2011-07-28. Retrieved 2011-03-15.
  15. ^ "Zypper - MeeGo wiki". Archived from the original on 2013-09-25. Retrieved 2014-04-14.
  16. ^ "FAQs: About the Projects". Ark Linux Official Site. Archived from the original on 2012-02-11. Retrieved 2014-04-14.
  17. ^ "Repair an RPM database safely". Archived from the original on 2019-08-06. Retrieved 2011-11-11.
  18. ^ "Supplemental Packaging Software". Fedora Project. Archived from the original on 2016-03-10. Retrieved 2011-11-11.
  19. ^ "Switch RPMs to zstd compression". Fedora Project (Wiki). Archived from the original on 2019-06-02. Retrieved 2019-06-02.
  20. ^ "[PATCH] Add lzip support". Archived from the original on 2016-03-04. Retrieved 2013-10-24.
  21. ^ "How to package proprietary software". 10 December 2014. Archived from the original on 2018-07-02. Retrieved 2018-07-02.
  22. ^ "Mageia 3 Release Notes: Package management". mageia.org. 2013-05-19. Archived from the original on 2014-02-07. Retrieved 2014-04-14.
  23. ^ Bodnar, Ladislav & Smith, Jesse (2010-11-22). "DistroWatch Weekly". DistroWatch. Archived from the original on 2018-06-23. Retrieved 2010-11-22.
  24. ^ "Forum: Switching to RPMv4". Archived from the original on 2022-01-14. Retrieved 2018-03-03.
  25. ^ "YP Core - Pyro 2.3". Yocto Project. 2017-05-12. Archived from the original on 2017-12-05. Retrieved 2017-12-04.{{cite web}}: CS1 maint: bot: original URL status unknown (link)()
  26. ^ "[Openembedded-architecture] Changes that switching from smart to dnf will cause". Yocto Project. 2017-02-14. Archived from the original on 2018-11-05. Retrieved 2018-11-04.
edit