Skip to main content

Yum & Rpm

yum/dnf

套件庫管裡
# 已啟用的套件庫清單
yum repolist enabled

# 列出所有的套件庫包含 disabled 與 enabled
yum repolist all
yum repolist -v

# 已啟用套件庫的詳細資訊
yum repoinfo

# 啟用指定的套件庫
yum install yum-utils
yum-config-manager --enable <repositoryID>

# 停用指定的套件庫
yum-config-manager --disable <repositoryID>
系統更新
# 查詢所有可更新的套件
yum list updates
yum check-update
yum check-update --security

# 更新所有套件
yum update
yum update --disablerepo=epel

# 更新與安全性相關的套件
yum update --security
yum update-minimal --security

# 更新指定套件
yum update sudo
yum --security update sudo
yum --security update-minimal sudo
檢視套件清單
yum list --all
yum list --installed
yum list --available
安裝/檢視指定版本套件
yum --showduplicates list <package-name>
yum list <package-name>-<version>
yum install <package-name>-<version>
更新歷史紀錄
# To display a list of all the latest yum transactions, use:
yum history

# To display a list of all the latest operations for a selected package, use:
yum history list <package-name>

# To examine a particular transaction, use:
yum history info <transactionID>
# yum history list
Updating Subscription Management repositories.
ID | Command line | Date and time | Action(s) | Altered
---------------------------------------------------------------------------------------------------------------------------------------
12 | update | 2022-03-18 16:57 | I, U | 328 EE
11 | install haproxy | 2021-11-17 15:37 | Install | 1
10 | install chrony | 2021-11-10 17:44 | Install | 2
9 | install vim-enhanced | 2021-11-10 17:44 | Install | 4
8 | install sysstat | 2021-11-10 17:43 | Install | 1
7 | install yum-utils | 2021-11-10 17:43 | Install | 1
6 | install net-snmp-utils | 2021-11-10 17:43 | Install | 1
5 | install bind-utils net-snmp | 2021-11-10 17:42 | Install | 30
4 | install rsync mailx | 2021-11-10 17:42 | Install | 1
3 | install tmux | 2021-11-10 17:41 | Install | 1
2 | install redhat-lsb-core | 2021-11-10 17:38 | Install | 26
1 | | 2021-11-10 17:27 | Install | 396 EE
停用有問題的 yum-updatesd,並以下列方式取代
停用 yum-updatesd
service yum-updatesd stop
chkconfig yum-updatesd off

新增 /etc/cron.daily/yum.cron
#!/bin/sh
/usr/bin/yum -R 120 -e 0 -d 0 -y update yum
/usr/bin/yum -R 10 -e 0 -d 0 -y update                        #如果不想讓系統自動更新所有套件,可註解這行。

chmod 0755 /etc/cron.daily/yum.cron 
各種舊版本的套件庫位址

http://vault.centos.org/

如果想將多個 CD 的 ISO 檔合併成一個 DVD ISO,可以使用附件區的 mkdvdiso.sh,這只能使用在 RedHat/CentOS 版本,使用方法如下:

yum install anaconda-runtime mkisofs

./mkdvdiso.sh cd/ /tmp/CentOS-5.5-i386-bin-DVD.iso

TIPs:

所有 CD ISO 檔放在 cd/ 目錄內

必須關閉 SELinux

輸出檔路徑必須是絕對路徑

清除最新套件庫清單及暫存的套件檔
yum clean all
搜尋套件

搜尋檔案 libstdc++.so.6

yum whatprovides "*/libstdc++.so.6" 
yum provides "*/libstdc++.so.6"

搜尋套件

yum search mypackage
yum search --all mypackage
套件的相依性
yum deplist <package-name>

repoquery --requires <package-name>
下載 RPM 套件
yum -y install yum-utils.noarch
yumdownloader <package-name>

# Extract downloaded RPM
rpm2cpio dekiwiki-10.0.1-3.1.noarch.rpm | cpio -idmv

yum -y install --downloadonly --downloaddir=/tmp/packages NetworkManager
啟用一個不常用的套件庫位址
yum --enablerepo=elrepo-kernel install kernel-ml kernel-ml-devel
使用光碟 ISO方式來升級系統
# vi /etc/yum.repo.d/CentOS-Media.repo

[c6-local]
name=CentOS-$releasever - Media
baseurl=file:///mnt/iso/
gpgcheck=0
enabled=0

NOTE: enabled=0,不是 1。將 DVD 掛載為 /mnt/iso。 

# yum --disablerepo=\* --enablerepo=c6-local upgrade
安裝本機端的 RPM 套件
yum --nogpgcheck install htop-1.0.2-1.el5.rf.x86_64.rpm
匯出已安裝套件列表
yum list installed
yum list installed |tail -n +3|cut -d' ' -f1 > installed_packages.lst
# 或
rpm -qa > installed_packages.lst

yum -y install $(cat installed_packages.lst)
安裝 EPEL 套件庫

EPEL - Extra Packages for Enterprise Linux

rpm -ivh http://mirror01.idc.hinet.net/EPEL/5/i386/epel-release-5-4.noarch.rpm
rpm -ivh http://mirror01.idc.hinet.net/EPEL/6/i386/epel-release-6-8.noarch.rpm

TIPs:

錯誤: Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again
解決: sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repo

安裝 ELRepo 套件庫

ELRepo - The Community Enterprise Linux Repository

rpm --import http://elrepo.org/RPM-GPG-KEY-elrepo.org

# for RHEL-5, CENTOS-5
rpm -Uvh http://elrepo.org/elrepo-release-5-2.el5.elrepo.noarch.rpm

# for RHEL-6, CENTOS-6
rpm -Uvh http://elrepo.org/elrepo-release-6-3.el6.elrepo.noarch.rpm
安裝 RPMforge/RepoForge 套件庫

RPMforge 是由 Dag 及其他包裝者合作維護的。他們為 CentOS 提供超過 5000 個套件,包括 wine、vlc、mplayer、xmms-mp3 及其他受歡迎的媒體工具。它並不是 Red Hat 或 CentOS 的一部份,但卻是為那些發行版本而設計的。

http://repoforge.org/use/

CentOS 如何補安裝套件組
系統在第一次安裝時,都可以選擇要安裝哪些套件組,假使之後系統要補裝某套件組,例如 GNOME 視窗套件,可以使用這些指令,而不用一一找出有哪些相依性的套件名稱。

# 列出有哪些套件組可安裝
yum grouplist
# 安裝 GNOME 視窗套件組
yum groupinstall "GNOME Desktop Environment"
# 移除套件組
yum groupremove "Office Suite and Productivity" "Dial-up Networking Support"
設定 proxy

編輯 /etc/yum.conf

proxy=http://<username>:<password>@<this.is.proxy.ip:<port>/
proxy=http://windowsad\username:password@proxy.server:port/
安裝本機上的 RPM
yum localinstall my.rpm

建立 YUM 套件庫主機 (with ISO)

安裝套件 createrepo
CetOS 5:

createrepo /source/path/reas5
createrepo -g  /source/path/reas5/repodata/comps.xml

CetOS 6/7:

# 建立套件索引
createrepo /yum-repo-packages/centos_6.4_x86_64
 
 # 建立套件群組索引
 # CentOS 6.4
 createrepo -g /yum-repo-packages/centos_6.4_x86_64/repodata/2727...cab6f72-c6-x86_64-comps.xml /yum-repo-packages/centos_6.4_x86_64
 # RedHat 7.9
 createrepo -g /mnt/yum-repo/redhat_7.9_x86_64/repodata/3df90817a193baef023d53222cc4ce8f4d15209e593bee361bf72016022008fb-comps-Server.x86_64.xml /mnt/yum-repo/redhat_7.9_x86_64

RHEL 8:

# for RHEL 8 only
yum install createrepo_c

cp -r /mnt/iso/* /mnt/yum-repo/redhat_8.3_x86_64 
createrepo /mnt/yum-repo/redhat_8.3_x86_64

rhel-local.repo:

[LocalRepo_BaseOS]
name=LocalRepo_BaseOS
metadata_expire=-1
enabled=1
gpgcheck=1
baseurl=ftp://10.1.115/LINUX_REPO/redhat_8.3_x86_64/BaseOS/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

[LocalRepo_AppStream]
name=LocalRepo_AppStream
metadata_expire=-1
enabled=1
gpgcheck=1
baseurl=ftp://10.10.1.115/LINUX_REPO/redhat_8.3_x86_64/AppStream/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

RPM

查詢指令

# 查詢已安裝的套件的詳細資訊
rpm -qi <package-name>

# 查詢已安裝套件是 32 或 64 bit
rpm -qa --qf "%{n}-%{v}-%{r}.%{arch}\n" | grep -i <package-name>

# 查詢未安裝的套件資訊
rpm -qpi your.rpm
less your.rpm

# 列出已安裝套件的相依性
rpm -q --requires <package-name>

# 列出未安裝的 RPM 的相依性
rpm -qp --requires your.rpm

# 列出一個尚未安裝的 RPM 所包含的檔案列表
rpm -qlp your.rpm

# 查詢檔案所屬的套件名稱
rpm -qf /usr/bin/ksh

# 查詢 RPM Public Key
rpm -q gpg-pubkey | sort | uniq -c | sort -nr

清查所有已安裝套件的名稱、版本、架構等資訊

rpm -qa --queryformat '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'| sort &> /tmp/rpm-qa.prod.output.txt

檢查指定套件的 Changelog

rpm -q --changelog sudo | grep -i cve-2021-3156
rpm -q --changelog -p sudo-1.8.6p3-29.0.2.el6_10.3.x86_64.rpm | grep -F CVE-2021

Rebuild source-rpm

yum install rpm-build
rpmbuild --rebuild something.src.rpm

GPG

清除 cache

yum clean all
rm /var/cache/yum/* -rf

FAQ

About EPEL Repository

Important Notice

  • The following information has been provided by Red Hat, but is outside the scope of the posted Service Level Agreements and support procedures.
  • Installing unsupported packages does not necessarily make a system unsupportable by Red Hat Global Support Services
    • However, Red Hat Global Support Services will be unable to support or debug problems with packages not shipped in standard RHEL channels.
  • Installing packages from EPEL is done at the user's own risk.
  • The EPEL repository is a community supported repository hosted by the Fedora Community project.
  • The EPEL repository is not a part of Red Hat Enterprise Linux and does not fall under Red Hat's Production Support Scope of Coverage. The repository is considered an optional repository and is not tested by Red Hat quality engineers.

(https://access.redhat.com/solutions/3358 )

What is the difference between yum update vs yum update-minimal

https://access.redhat.com/solutions/3620411