Tech Learning

Linux Learning Chapter 10: Getting and Managing Software

📢 This article was translated by gemini-3-flash-preview

Chapter 10: Getting and Managing Software

10.1 Managing Software on the Desktop

Manage via software centers and GUIs.

10.2 Beyond the Software Window

The software available in the GUI “Software” app is limited.

10.3 Understanding Linux RPM and DEB Packages

Software packages are often called tarballs (compressed archives). They contain executables (commands), documentation, configuration files, and libraries.

  • DEB (.deb) Packages

Created by the Debian GNU/Linux project. Used by Debian and its derivatives (Ubuntu, Linux Mint, KNOPPIX, etc.). Use apt or dpkg commands to install, manage, update, and remove software.

  • RPM (.rpm) Packages

Originally the Red Hat Package Manager, now known as the RPM Package Manager. It’s the preferred format for SUSE, Red Hat distributions (RHEL, Fedora), and others based on Red Hat (CentOS, Oracle Linux, etc.). Managed via the original rpm command, the enhanced yum, or the modern dnf command.

yum is eventually being replaced by the dnf command.

10.3.1 Understanding DEB Packages

Debian packages store files and metadata related to the software in an archive format. Files include executables, configs, and other project items. Metadata includes dependencies, licenses, size, descriptions, etc.

Use apt* commands to fetch (apt-get), search (apt-cache search), view details (apt-cache show), install (apt-get install), upgrade (apt-get upgrade), or list installed software (apt-cache pkgnames).

Use the aptitude command for a screen-oriented menu inside the shell to install software.

10.3.2 Understanding RPM Packages

An RPM package merges different files, each providing a specific function. Inside are the commands, configs, and docs that make up the software, plus metadata (content info, source, runtime requirements, etc.).

Use rpm -q -i packageName to view info about a specific software.

10.4 Managing RPM Packages with yum

10.4.1 Transitioning from yum to dnf

DNF stands for Dandified yum https://github.com/rpm-software-management/dnf/ .

While dnf maintains basic command-line compatibility with yum, a key difference is its strict API and encouragement of extensions and plugins.

The following yum commands can all be used as dnf commands.

For more info on dnf, see https://dnf.readthedocs.io/ .

10.4.2 How yum Works

Basic syntax: yum [options] command

Example: Installing Firefox: yum install firefox

  1. Checking /etc/yum.conf

Inside this file:

gpgcheck: Whether to verify packages.

installonly_limit=3: Max versions of the same package to keep (don’t set below 2 to ensure you always have at least two kernel packages).

clean_requirements_on_remove=True: Remove dependencies when uninstalling (if no other software uses them).

best=True: Prioritize the latest version when upgrading.

cachedir: Cache location.

keepcache: Whether to keep the cache.

debuglevel: Logging detail level (higher is more detailed).

metadata_expire: Metadata timeout.

For details, use man yum.conf.

  1. Checking /etc/yum.repos.d/*.repo files

To enable a repository, place the .repo file here. Content looks like:

1
2
3
4
5
6
7

[myrepo]    # Start, repo name in `[]`
name=My repo    # Detailed description
baseurl=https://rpmrepo.yexca.net/    # Fictional URL
# RPM URLs can be http://, ftp://, file://
enabled=1    # Enable this repo (defaults to enabled if omitted)
gpgcheck=1    # Check package signatures
gpgkey=file:///etc/MYKEY    # Path to the key for checking packages

You can enable any number of repos, but yum checks every single one every time it runs, downloading metadata to the local system. Don’t enable too many.

  1. Downloading RPM packages and metadata from YUM repos

There is a repodata directory in the rpm directory, summarizing all enabled repos.

Metadata is stored in /var/cache/yum. It refreshes after the timeout (default 6h for yum, 48h for dnf).

  1. Installing RPM packages to the Linux filesystem

Once downloaded to cache, yum runs the rpm command to install. It executes any pre-install scripts, copies files (commands, configs, docs) to locations specified by RPM metadata, and runs post-install scripts.

  1. Storing YUM repo metadata in the local RPM database

Metadata from each repo is eventually copied to the local RPM database, stored in several files within /var/lib/rpm.

10.4.3 Using yum with Third-party Repos

For stability, use official repos. For convenience on a personal machine, you can enable the RPM Fusion third-party repo. See https://rpmfusion.org/ .

10.4.4 Managing Software with yum Commands

  1. Searching for packages

yum search keyword

  • Get detailed info

yum info firefox

  • If you know the command, config, or library name but not the package name:

yum provides keyword

  • Listing packages using the list subcommand:

yum list firefox

yum list available

yum list installed

yum list all

  • View dependencies and providers:

yum deplist firefox | less

  1. Installing and Removing Packages
  • install installs one or more packages plus dependencies.

yum install firefox or yum -y install firefox for non-interactive installation.

  • reinstall to fix a broken installation.

yum reinstall firefox

  • remove deletes software and unused dependencies.

yum remove firefox

Alternatively, use history to rollback.

Use yum history to view logs, yum history info 12 for details on ID 12, and yum history undo 12 to revert transaction 12.

  1. Updating Packages

yum check-update to see what’s new, yum update to update everything, yum update firefox to update only Firefox.

  1. Updating Package Groups

yum supports package groups for easier management of full environments.

yum grouplist | less to see groups.

yum groupinfo LXDE to see packages in the LXDE group.

yum groupinstall LXDE to install the whole group.

yum groupremove LXDE to remove the whole group.

  1. Maintaining RPM Database and Cache

yum clean packages to remove downloaded installers.

yum clean metadata to clear metadata.

yum clean all

If the RPM database gets corrupted (rare):

yum check to inspect the cache and DB.

rpm --rebuilddb to rebuild the database.

Note: rpm is generally the best command for interacting with the local RPM database.

  1. Downloading RPMs from YUM Repos

Download without installing to the current directory:

yumdownloader firefox

dnf download firefox

10.5 Installing, Querying, and Verifying with the rpm Command

Mostly used for local package files.

10.5.1 Installing and Removing with rpm

  • Install

rpm -i packageName

Requires the full filename (basename, version, kernel, etc.).

  • Upgrade

rpm -Uhv packageName

-h prints # marks (progress), -v provides verbose output.

  • Freshen (Update only if already installed)

rpm -Fhv *.rpm

  • Reinstall

rpm -Uhv --replacepkgs packageName

  • Downgrade

rpm -Uhv --oldpackage packageName

  • Remove

Only requires the basename (e.g., firefox).

rpm -e firefox

Note: This doesn’t remove dependencies.

10.5.2 Querying RPM Info

Use the -q option to query info about installed packages, like description (-qi), file list (-ql), or config files (-qc).

Use the basename: rpm -qi firefox

Other queries: dependencies (-q --requires), provided capabilities (-q --provides), install/uninstall scripts (-q --scripts), and the changelog (-q --changelog).

Use --queryformat for specific tags and --querytags to see all available tags.

These query the local DB. To query a local file (not yet installed), add the -p option and use the full filename: rpm -qip zsh-5.7.1-1.fc30.x86_64.rpm

10.5.3 Verifying RPM Packages

Use the -V option to check installed packages against the original metadata to see if anything changed. If binaries (in /bin) changed, the system might be compromised. Config file changes are normal.

Verify Firefox: rpm -V firefox

If characters are output, something changed; no output means files are original.

CharacterDescription
SFile size differs
MMode differs (permissions/type)
5MD5 checksum differs
DDevice major/minor mismatch
LreadLink(2) path mismatch
UUser ownership mismatch
GGroup ownership mismatch
TmTime differs
PcaPabilities mismatch

These indicators come from the “Verify” section of the rpm man page.

Use --replacepkgs to restore to the original state.

For high security, backup the RPM database (/var/lib/rpm) to read-only media. If the database itself is compromised, verification is useless.

10.6 Managing Software in the Enterprise

Includes Kickstart files, PXE booting, Satellite servers (Spacewalk), and container images.

These tools allow for automated, bulk software installation.