Product SiteDocumentation Site

Chapter 4. Using the RPM Database

4.1. Querying the RPM Database
4.1.1. Querying packages
4.1.2. Querying everything
4.1.3. Refining the query
4.1.4. Finding which packages own files
4.2. Getting Information on Packages
4.2.1. Describing packages
4.2.2. Package groups
4.2.3. Listing the files in a package
4.2.4. Listing the configuration files for a package
4.2.5. Listing the documentation files for a package
4.2.6. Listing the state of the files in a package
4.2.7. Listing the scripts in a package
4.2.8. Listing what has changed
4.2.9. Combining queries
4.2.10. Creating custom queries
4.2.11. Working With Query Format Tags
4.2.12. Querying for Package Information
4.2.13. Formatting Arrays
4.2.14. Special Formatting
4.2.15. Querying for Package Dependencies
4.2.16. Querying for File Information
4.2.17. Other Query Format Tags
4.3. Other queries
4.4. Getting Information on Package Files
4.4.1. Querying Package Files Remotely
4.4.2. Verifying Installed RPM Packages
4.4.3. Working With the RPM Database
4.4.4. Summary
This chapter covers:
Every package you install with RPM is recorded in the RPM database. The RPM system includes commands to query this database to find out which packages are installed and to provide quite a few details about these packages.
This chapter covers querying both the RPM database and RPM package files. Both types of query are important:
In addition to querying the RPM database, you can use the database to verify packages. Since this database is so important to the management of your Linux system, this chapter covers how to back it up, as well as how to repair a damaged RPM database.

4.1. Querying the RPM Database

In Chapter 3, Using RPM , you saw that the rpm command usually takes one major command-line option to tell it the operation to perform and a myriad of command-line options to customize the operation. The rpm command may also take the name of one or more RPM package files or the name of one or more installed packages. For example, the rpm –i command performs an installation operation, and the rpm –U command performs an upgrade.
For querying the RPM database, the major command-line option is –q, short for query. This option tells the rpm command to query the RPM database. You can also use the long option --query.
In the last few chapters, you've used the –q option with the rpm command to query just for the presence or absence of installed packages. You can expand the -q option to perform a wide array of queries to find out information about the packages installed on a Linux system.

4.1.1. Querying packages

The basic format of the rpm –q command follows:
rpm –q package_name
You need to provide the name of a package to query. For example:
rpm -q telnet-0.17
This command returns the name of the package, if installed. For example:
If the package is not installed, you’ll see a message like the following:
        package telnet-0.17 is not installed
You can provide the whole package name to the rpm command, which includes the name, the version, and the RPM package number, as discussed in Chapter 2, RPM Overview . You can also just provide the name and version number, as shown previously, or just the base name of the package.
For example, the following command uses just the base name of the package:
rpm -q telnet


The rpm –q command expects a package name. Although it supports some amount of customized queries, you really need to know which packages you want the rpm command to report on.
You can provide more than one package name; the rpm command reports on each package, as shown following.
rpm -q telnet telnet-server
You need to change the way you query if you want to perform searches when you do not know the full package name in advance. The following sections cover options for creating various queries.

4.1.2. Querying everything

Up to now, we have used the rpm command to query only for specific packages. The –a option tells the rpm command to query for all packages. You can also use the longer option, --all, in place of –a.
For example:
rpm -qa
This command returns every package installed on your system, quite a few packages. The packages are returned one per line, as shown following.
This output has been modified to meet size constraints. Try the rpm –qa command to see the full output for your system.
There may be over a thousand packages on your system. Even so, the rpm –qa command executes surprisingly fast.

4.1.3. Refining the query

When you query all the installed packages, you get too much output for most purposes, other than to get a general idea of the magnitude of packages installed on your system. But if you cannot remember a package name, there's no real option, other than writing your own RPM query program.
You can take advantage of the power of the Linux shells, though, and the wonderful ability to pipe the output of one command into another to work around this problem. With the large amount of output, you may want to pipe the output to the more or less programs, and display the output one page at a time.
Even with more and less, the rpm –qa command outputs too much information to be really useful, unless you can somehow filter the information automatically. Piping the Output To grep

The Linux (and Unix) grep command provides a powerful tool for filtering through textual data. If you pipe the output of the rpm –qa command into the grep command, you have a powerful search engine at your fingertips.
For example, if you know that most packages that provide tools for the SSH service have "ssh" in their names, you can find all these packages by using a command like the following:
rpm -qa | grep ssh
This command outputs packages such as the following:
You can also use the --pipe option to the rpm command, introduced in Chapter 3, Using RPM . With this option, your command becomes:
rpm -qa --pipe "grep ssh"


Chapter 16, Programming RPM with Python covers programming with the RPM system with the Python scripting language.
You can take advantage of some of the options that the grep command supports, including -i for ignoring the case of the string to match, --regexp to pass a regular expression to grep, and -v, to output only those entries that do not match the search string.


If you are unfamiliar with grep, the online manual pages for the grep command provide a listing of the command-line options available for grep as well as a short tutorial on regular expressions supported by grep.
Table 5-1 lists some of the common package-naming conventions. Remember that these are just conventions, not hard-and-fast rules. You can use these conventions in concert with rpm queries.
Table 5-1 Common Naming Conventions on Linux
Usually indicates
Starts with g
GNOME desktop application or a GNU application, especially GNU C programming tools and libraries
Starts with j
Cross-platform Java application
Starts with k
KDE desktop application, Linux kernel package, or Kerberos security package
Starts with py
Python application
Starts with rh
Red Hat application, usually for configuring your system
Starts with tk
Graphical Tcl application
Starts with x
X Window System graphical desktop application
Ends with wm
Window manager for controlling the layout of windows on the screen Querying with Wildcards

In addition to using other Linux commands, the rpm command supports some search options. You can pass a wildcard to rpm –qa (but not just rpm –q, you need the –a to look for all packages). For example:
rpm -qa "kernel*"


The quotation marks around "kernel*" are to prevent the Linux shell from expanding the wildcard character, *, to try to match a list of file names in the local directory. By passing the command-line parameter as "kernel*", the rpm program gets to see the * character. Otherwise, the shell expands the parameter and the program, rpm in this case, never sees the *.
This command searches for all package names starting with send. You can reverse this with an exclamation mark. For example:
$ rpm -qa '!send*'
This command works sort of like grep –v and searches for all packages that do not start with "send".
There are quite a few other Linux commands you can use in pipelines with the rpm –qa command to better filter and display the data, such as wc –l to count the number of packages that you query. You can also use a number of other query options to find out more specialized information from the RPM database.

4.1.4. Finding which packages own files

One of the common problems with package management comes when you want to track a given file on your system back to the package that “owns” the file (that is, the package that, when installed, installed the particular file).
The -qf option tells the rpm command to query for all packages that own a particular file. You can also use the longer option, --file, in place of –f. The basic syntax follows:
rpm -qf filename
For example, the grep command used in previous examples is really a file. (Just about all Linux commands are a file of some sort, be it a shell script or an executable application.) You can use a few Linux commands to determine which package provides this handy program.
First, we need the exact path to the file. For Linux commands, you can use the which command, if the program is in your path. (The grep program must be in your path, or commands with grep will fail.)
Try the following command:
which grep
This command returns the path to grep:
We can now check which package owns this file with the following command:
rpm -qf /bin/grep
You can also use the Linux back-tick operator to perform this check with one command.
rpm -qf `which grep`
If you use the bash shell, you can use the $(command parameters) syntax in place of the back tick, or `, characters. For example:
rpm -qf $(which grep)
If no package owns a given file, you’ll see output like the following:
rpm -qf mail
file mail is not owned by any package
Often, the package that owns a file does not have an intuitive name. The ssh command, for example, is owned by the openssh-clients package, as shown following:
rpm -qf `which ssh`
As you can see, the name of a command does not always correspond directly to the name of the package that provides that command. This is where the rpm –qf command proves very useful. Otherwise, you would just have to know that OpenSSH is the project responsible for this command.

Symbolic Links

The rpm -qf command follows symbolic links. This was not always true with older versions of RPM, but modern RPM versions can trace package ownership to files placed in linked directories.
For example, the directory /usr/lib/X11 is a link to the real directory, /usr/X11R6/lib/X11. You can track the package ownership of a file in that directory, XKeysymDB, for example, by using the following command:
rpm -qf /usr/lib/X11/XKeysymDB
This file, XKeysymDB, really resides in /usr/X11R6/lib/X11.