CentOS系统上rpm命令管理程序包:

       安装、卸载、升级、查询、校验、数据库维护

 

       安装:

              rpm {-i|--install} [install-options] PACKAGE_FILE ...

                     -v: verbose

                     -vv:

                     -h: 以#显示程序包管理执行进度;每个#表示2%的进度

 

                     rpm -ivh PACKAGE_FILE ...

 

                            [install-options]

                                   --test: 测试安装,但不真正执行安装过程;dry run模式;

                                   --nodeps:忽略依赖关系;

                                   --replacepkgs: 重新安装;

 

                                   --nosignature: 不检查来源合法性;

                                   --nodigest:不检查包完整性;

 

                                   --noscipts:不执行程序包脚本片断;

                                          %pre: 安装前脚本; --nopre

                                          %post: 安装后脚本; --nopost

                                          %preun: 卸载前脚本; --nopreun

                                          %postun: 卸载后脚本;  --nopostun

 

       升级:

              rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

              rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

 

                     upgrage:安装有旧版程序包,则“升级”;如果不存在旧版程序包,则“安装”;

                     freeshen:安装有旧版程序包,则“升级”;如果不存在旧版程序包,则不执行升级操作;

 

                     rpm -Uvh PACKAGE_FILE ...

                     rpm -Fvh PACKAGE_FILE ...

 

                     --oldpackage:降级;

                     --force: 强行升级;

 

              注意:(1) 不要对内核做升级操作;Linux支持多内核版本并存,因此,对直接安装新版本内核;

                       (2) 如果原程序包的配置文件安装后曾被修改,长级时,新版本的提供的同一个配置文件并不会直接覆盖老版本的配置文件,而把新版本的文件重命名(FILENAME.rpmnew)后保留

       查询:

              rpm {-q|--query} [select-options] [query-options]

 

              [select-options]

                     -a: 所有包

                     -f: 查看指定的文件由哪个程序包安装生成

 

                     -p /PATH/TO/PACKAGE_FILE:针对尚未安装的程序包文件做查询操作;

 

                     --whatprovides CAPABILITY:查询指定的CAPABILITY由哪个包所提供;

                     --whatrequires CAPABILITY:查询指定的CAPABILITY被哪个包所依赖;

 

              [query-options]

                     --changelog:查询rpm包的changlog

                     -c: 查询程序的配置文件

                     -d: 查询程序的文档

                     -i: information

                     -l: 查看指定的程序包安装后生成的所有文件;

                     --scripts:程序包自带的脚本片断

                     -R: 查询指定的程序包所依赖的CAPABILITY;

                     --provides: 列出指定程序包所提供的CAPABILITY;

 

              用法:

                     -qi PACKAGE, -qf FILE, -qc PACKAGE, -ql PACKAGE, -qd PACKAGE

                     -qpi PACKAGE_FILE, -qpl PACKAGE_FILE, ...

                     -qa

 

       卸载:

              rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts]

           [--notriggers] [--test] PACKAGE_NAME ...

 

 

    校验:

    rpm {-V|--verify} [select-options] [verify-options]

 

       S file Size differs

       M Mode differs (includes permissions and file type)

       5 digest (formerly MD5 sum) differs

       D Device major/minor number mismatch

       L readLink(2) path mismatch

       U User ownership differs

       G Group ownership differs

       T mTime differs

       P caPabilities differ

 

       包来源合法性验正及完整性验正:

              完整性验正:SHA256

              来源合法性验正:RSA

 

 

              公钥加密:

                     对称加密:加密、解密使用同一密钥;

                     非对称加密:密钥是成对儿的,

                            public key: 公钥,公开所有人

                            secret key: 私钥, 不能公开

 

 

              导入所需要公钥:

                     rpm --import /PATH/FROM/GPG-PUBKEY-FILE

 

                     CentOS 7发行版光盘提供的密钥文件:RPM-GPG-KEY-CentOS-7

 

       数据库重建:

              rpm {--initdb|--rebuilddb}

                     initdb: 初始化

                            如果事先不存在数据库,则新建之;否则,不执行任何操作;

 

                     rebuilddb:重建

                            无论当前存在与否,直接重新创建数据库;