Lab 7: Managing and Installing Software¶
Objectives¶
After completing this lab, you will be able to
- Query packages for information
- Install software from binary packages
- Resolve some basic dependencies issues
- Compile and install software from source
Estimated time to complete this lab: 90 minutes
Binary files and source files¶
The applications that you currently have installed on your system are dependent on a few factors. The major factor is dependent on the software package groups that were selected during the Operating system installation. The other factor is dependent on what has been done to the system since its been in use.
You will find that one of your routine tasks as a Systems Admin is software management. This often involves:
- installing new software
- uninstall software
- update already installed software
Software can be installed on Linux based systems using several methods. You can install from source or from precompiled binaries. The latter method is by far thee easier way but it is also the least customizable. When you install from precompiled binaries most of the work has already been done for you – but even then you do need to know the name and where to find the particular software you want.
Almost all software originally come as C or "C++" programming language source files. The source programs are usually distributed as archives of source files. Usually tar’ed or gzip’ed "gzip’ed" or bzip2’ed "bzip2’ed" files. This means they come compressed or as a single bundle.
Most developers have made their source code conform to GNU standards, thereby making it easier to share with others. It also means that the packages will compile on any UNIX or UNIX like system ( e.g. Linux)
RPM is the underlying tool for managing applications (packages) on Red Hat based distros like such as Rocky Linux, Fedora, Red Hat Enterprise Linux (RHEL), openSuSE, Mandrake and so on.
The applications used for managing software on Linux distros are called package managers. Examples are:
- The Red Hat Package Manager (rpm). The packages have the suffix “ .rpm”
- The Debian package management system (dpkg). The packages have the suffix "suffix" “ .deb”
Some popular command-line options and syntax for the RPM command are listed next:
rpm
Usage: rpm [OPTION...]
QUERYING PACKAGES
Query options (with -q or --query):
-c, --configfiles list all configuration files
-d, --docfiles list all documentation files
-L, --licensefiles list all license files
-A, --artifactfiles list all artifact files
--dump dump basic file information
-l, --list list files in package
--queryformat=QUERYFORMAT use the following query format
-s, --state display the states of the listed files
VERIFYING PACKAGES
Verify options (with -V or --verify):
--nofiledigest don't verify digest of files
--nofiles don't verify files in package
--nodeps don't verify package dependencies
--noscript don't execute verify script(s)
INSTALLING, UPGRADING, AND REMOVING PACKAGES
Install/Upgrade/Erase options:
--allfiles install all files, even configurations which might otherwise be skipped
-e, --erase=<package>+ erase (uninstall) package
--excludedocs do not install documentation
--excludepath=<path> skip files with leading component <path>
--force short hand for --replacepkgs --replacefiles
-F, --freshen=<packagefile>+ upgrade package(s) if already installed
-h, --hash print hash marks as package installs (good with -v)
--noverify short hand for --ignorepayload --ignoresignature
-i, --install install package(s)
--nodeps do not verify package dependencies
--noscripts do not execute package scriptlet(s)
--percent print percentages as package installs
--prefix=<dir> relocate the package to <dir>, if relocatable
--relocate=<old>=<new> relocate files from path <old> to <new>
--replacefiles ignore file conflicts between packages
--replacepkgs reinstall if the package is already present
--test don't install, but tell if it would work or not
-U, --upgrade=<packagefile>+ upgrade package(s)
--reinstall=<packagefile>+ reinstall package(s)
Exercise 1¶
Installing, Querying and Uninstalling Packages¶
In this Lab you will learn how to use the RPM system and you will also install a sample application on your system.
!!! TIP: You have lots of options per where to obtain Rocky Linux packages from. You can manually download them from trusted [or untrusted] repositories. You can get them from the distribution ISO. You can get them from a centrally shared location using protocols such as - nfs, git, https, ftp, smb, cifs and so on. If you are curious you can view the following official website and browse through the applicable repository for the desired package(s) : https://download.rockylinux.org/pub/rocky/8.5/
To query packages for information.¶
- To see a list of all the packages currently install on your local system type:
$ rpm -qa
python3-gobject-base-*
NetworkManager-*
rocky-repos-*
...<OUTPUT TRUNCATED>...
You should see a long list.
- Let's delve a little deeper and learn more about one of the packages installed on the system. We'll look at the NetworkManager. We'll use the use the --query (-q) and --info (-i) options with the rpm command. Type:
$ rpm -qi NetworkManager
Name : NetworkManager
Epoch : 1
...<OUTPUT TRUNCATED>...
- Let's say we are only interested in the Summary field of the previous command. We can use rpm's query format option filter the information that we get back from the query option. For example to view only the summary field , type:
$ rpm -q --queryformat '%{summary}\n' NetworkManager
$ rpm -q --queryformat '%{version} %{summary}\n' NetworkManager
- Type the command to view information about the bash package that is installed on the system.
Note
The previous exercises were querying and working with packages that are already installed on the system. In the following exercises, we'll start off working with packages that are not yet installed.We'll use the DNF application to download the packages that we'll be using in the next steps.
- First check to make sure that wget application is not already installed on the system. Type:
$ rpm -q wget
package wget is not installed
- The curl utility is a popular open source application used for transfering data. Let's use curl to download the wget package from the official Rocky Linux online repository. Type:
curl --output "wget-1.19.5-10.el8.x86_64.rpm" \
http://download.rockylinux.org/pub/rocky/8.5/AppStream/x86_64/os/Packages/w/wget-1.19.5-10.el8.x86_64.rpm
$ ls -lh wg*
- Use the rpm command to query for information about the downloaded wget-*.rpm. Type:
$ rpm -qip wget-*.rpm
Name : wget
Architecture: x86_64
Install Date: (not installed)
Group : Applications/Internet
...<TRUNCATED>...
-
From your output in the previous step, what exactly is the wget package ? Hint you can use the rpm queryformat option to view the description field for the download package.
-
If you are interested in the files that are contained in the wget-*.rpm package, you could list all the files that comes with the package by typinggg:
$ rpm -qlp wget-*.rpm | head
/etc/wgetrc
/usr/bin/wget
...<TRUNCATED>...
/usr/share/doc/wget/AUTHORS
/usr/share/doc/wget/COPYING
/usr/share/doc/wget/MAILING-LIST
/usr/share/doc/wget/NEWS
- Let's view the contents of the
/usr/share/doc/wget/AUTHORSfile that's listed as part of the wget package. We'll use the cat command. Type:
$ cat /usr/share/doc/wget/AUTHORS
cat: /usr/share/doc/wget/AUTHORS: No such file or directory
The wget is not [yet] installed on our demo system! And so we can't view the AUTHORS file that is packaged with it!!
- View the list of files that come with another package (curl) that is already installed on the system. Type:
$ rpm -ql curl
/usr/bin/curl
/usr/lib/.build-id
/usr/lib/.build-id/fc
...<>...
Note
You'll notice that you didn't have to refer to the full name of the curl package in the previous command. This is because curl is already installed.
Exercise 2¶
Package integrity¶
- It is possible to download or end up with a corrupted or tainted file. Verify the integrity of the wget package that you downloaded. Type:
$ rpm -K wget-*.rpm
wget-1.19.5-10.el8.x86_64.rpm: digests signatures OK
The "digests signatures OK" message in the out shows the package is fine.
- Let's be malicious and deliberately alter the downloaded package. This can be done by adding anything to or removing something from the original package. Anything that changes the package in a way than the original packagers intended will corrupt the package. We'll alter the file by using the echo command to add the string "haha" to package. Type:
$ echo haha >> wget-1.19.5-10.el8.x86_64.rpm
- Now run the try to verify the integrity of the package again using rpm's -K option. Type:
$ rpm -K wget-*.rpm
wget-1.19.5-10.el8.x86_64.rpm: DIGESTS SIGNATURES NOT OK
Very different message now. The output "DIGESTS SIGNATURES NOT OK" is a clear warning that you shouldn't try using or installing the package. It should no longer be trusted.
- Use the rm command to delete the corrupted wget package file and download a fresh copy using dnf. Type:
$ rm wget-*.rpm && dnf download wget
Exercise 3¶
Installing Packages¶
While trying to install software on your system, you might stumble on issues of “failed dependencies”. This is especially common when using the low-level RPM utility to manually manage applications on a system.
For example if you try to install package “abc.rpm” the RPM installer might complain about some failed dependencies. It might tell you that package “abc.rpm” requires another package “xyz.rpm” to first be installed. The issue of dependencies comes up because software applications almost always depend on some other software or library. If a required program or shared library is not already present on the system, then that prerequisite will have to satisfied before installing the target application.
The low level RPM utility often knows about the inter-depencies between applications. But it does not usually know how or where to obtain the application or library needed to resolve the issue. Stated another way, RPM knows the what and how but does not have the built-in ability to answer the where question. This is where tools like DNF, yum and so on shine.
To install packages¶
In this exercise you will try to install the wget package (wget-*.rpm).
- Try installing the wget application. Use RPM's -ivh commandline options. Type:
$ rpm -ivh wget-*.rpm
error: Failed dependencies:
libmetalink.so.3()(64bit) is needed by wget-*
Note
According to the output of the test above, the wget-.rpm package requires that the libmetalink-.rpm package be installed. i.e. libmetalink is a prerequisite for installing wget-.rpm. You can forcefully install wget-.rpm package using the “nodeps” option, if you absolutely know what you are doing. But this is generally a BAD practice.
- RPM has helpfully given us a hint for what's missing. You'll remember that rpm knows the whats and hows but does not necessarily know the wheres. Let's use the dnf utility to try to figure out the package name that provides the missing library. Type:
$ dnf whatprovides libmetalink.so.3
...<TRUNCATED>...
libmetalink-* : Metalink library written in C
Repo : baseos
Matched from:
Provide : libmetalink.so.3
- From the output, we need to download the libmetalink package which provides the missing liberary. Specificvally we want the 64bit version of the library. Let's call on a separate utility (dnf) to help us find and download the package for our demo 64bit (x86_64) architecture . Type:
dnf download --arch x86_64 libmetalink
-
You should now have at least 2 rpm packages in your working directory. Use the ls command to confirm this.
-
Install the missing libmetalink dependency. Type:
$ sudo rpm -ivh libmetalink-*.rpm
- With the dependency now installed, we can now revisit our original objective of installing the wget package. Type:
$ sudo rpm -ivh wget-*.rpm
Note
RPM supports transactions. In the previous exercises we could have performed a single rpm transaction that included the original package we wanted to install (i.e. ) as well as all the packages and libraries it depends on. A single command such as the one below would have sufficed:
$ rpm -Uvh wget-*.rpm libmetalink-*.rpm
- Moment of truth now. Try running the wget program without any option to see if it is installed. Type:
$ wget
- Let's see wget in action. Use wget to download a file from the internet from the command line. Type:
wget https://kernel.org
-
Use rpm to view a list of all the files that come with the wget application.
-
Use rpm to view any documentation that comes packaged with wget. Type:
-
Use rpm to view the list of all the binaries that come installed with the wget package. Type:
-
You had to install the libmetalink package in order to install wget. Type running or executing libmetalink from the command-line. Type:
$ libmetalink
-bash: libmetalink: command not found
!!! Que: What gives ? Why can't you run or execute libmetalink ?
To import a public key via rpm¶
!!! TIP:
The GPG keys used for signing packages used in the Rocky Linux project can be obtained from various sources such as - the Project website, ftp site, distribution media, local source and so on.
Just in case the proper key is missing on your RL system's keyring, you can use the rpm's --import option to import Rocky Linux’s public key from your local RL system by running: sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
!!! QUESTION:
When installing packages, what's the difference between rpm -Uvh and rpm -ivh.
Consult the man page for rpm.
Exercise 4¶
Uninstalling packages¶
Un-installing packages is just as easy as installing, with Red Hat’s package manager (RPM).
In this exercise you will try to use rpm to un-install some packages from the system.
To un-install packages¶
- Un-install the libmetalink package from your system. Type:
$ sudo rpm -e libmetalink
!!! QUESTION: Explain why you couldn’t remove the package?
- The clean and proper way to remove packages using RPM is to remove the package(s) along with their dependencies. To remove libmetalink package we'll also have to remove the wget package that depends on it. Type:
$ sudo rpm -e libmetalink wget
Note
If you want to break the package that relies on libmetalink and forcefully remove the package from your system you can use rpm's --nodeps option like this -
$ sudo rpm -e --nodeps libmetalink
i. The “nodeps” option means No dependencies. i.e. ignore all dependencies. ii. The above is just to show you how to forcefully remove a package from your system. There may be times when you need to this, but it is generally not a good practice. iii. Forcefully removing a package “xyz” that another installed package “abc” relies on effectively makes package “abc” unusable or somewhat broken.
Exercise 5¶
DNF - Package Manager¶
DNF is a package manager for RPM-based Linux distributions. It is the successor to the popular YUM utility. DNF maintains compatibility with YUM and both utilities share very similar command-line options and syntax.
DNF is one of the many tools used for managing software on RPM based systems such as Rocky Linux system. In comparison to rpm, these higher-level tools help to simplify installing, uninstalling, querying packages. It is important to note that these tools make use of the underlying framework provided by the RPM system. This is why it is useful to first understand how to use RPM itself.
DNF (and other tools like it) acts as a sort of wrapper around RPM and provides additinal functionality not offered by RPM. DNF knows how to deal with package and library dependencies and additionally knows how to automatically make use of configured repositories to resolve most issues.
Common options used with the dnf utility are:
usage: dnf [options] COMMAND
List of Main Commands:
alias List or create command aliases
autoremove remove all unneeded packages that were originally installed as dependencies
check check for problems in the packagedb
check-update check for available package upgrades
clean remove cached data
deplist [deprecated, use repoquery --deplist] List package's dependencies and what packages provide them
distro-sync synchronize installed packages to the latest available versions
downgrade Downgrade a package
group display, or use, the groups information
help display a helpful usage message
history display, or use, the transaction history
info display details about a package or group of packages
install install a package or packages on your system
list list a package or groups of packages
makecache generate the metadata cache
mark mark or unmark installed packages as installed by user.
module Interact with Modules.
provides find what package provides the given value
reinstall reinstall a package
remove remove a package or packages from your system
repolist display the configured software repositories
repoquery search for packages matching keyword
repository-packages run commands on top of all packages in given repository
search search package details for the given string
shell run an interactive DNF shell
swap run an interactive DNF mod for remove and install one spec
updateinfo display advisories about packages
upgrade upgrade a package or packages on your system
upgrade-minimal upgrade, but only 'newest' package match which fixes a problem that affects your system
To use dnf for package installation¶
Assuming you've already uninstalled the wget utility from an exercise, we'll use DNF to install the package in the following steps. The 2 - 3 step process that we needed earlier when we installed wget via rpm should be reduced to a one steps process using dnf. dnf will quietly take care of resolving any dependencies.
- First, let's make sure that wget and libmetalink are uninstalled from the system. Type:
$ sudo rpm -e wget libmetalink
- Now use dnf to install wget. Type:
$ sudo dnf -y install wget
Dependencies resolved.
...<TRUNCATED>...
Installed:
libmetalink-* wget-*
Complete!
- DNF provides a "Environment Group option that makes it easy to add a new feature set to a system. To add the feature, you would normally have to individually install a few packages, but using dnf you all you need to know is the name or description of the feature that you want.
Use dnf to display a list of all the groups available to you. Type:
$ dnf group list - We are interested in the Development Tools group/feature. Let's get more information about that group. Type:
$ dnf group info "Development Tools" - Later on, we are going to need some programs that come with the Development Tools group. Install the "Development Tools" group using dnf by running:
$ sudo dnf -y group install "Development Tools"
To use dnf for uninstalling packages¶
- To use dnf to un-install the wget package type:
$ sudo dnf -y remove wget
- Use dnf to make sure the package has indeed been removed from the system. Type:
$ sudo dnf -y remove wget
$ wget
To use dnf for package update¶
DNF can be used to check for and install the latest version of individual packages that are available in repositories. It can also be used to install specific versions of packages.
- Use the list option with dnf to view all available versions of the wget program that are available for your system. Type
$ dnf list wget
- If you only want to see if there are updated versions available for a package use the check-update option with dnf. For example for the wget package type:
$ dnf check-update wget
- Now list all the available versions for the kernal package for your system. Type:
$ sudo dnf list kernel
- Now check if there are any updated packages available for the installed kernel package. Type:
$ dnf check-update kernel
- Updates to packages might be due to bug fixes, new features or security patches. To view if there are any security related updates for the kernel package, type:
$ dnf --security check-update kernel
To use dnf for system updates¶
DNF can be used to check for and install the latest versions all packages installed on a system. Periodically checking for installing updates is an important aspect of system administration.
- To check if there are any updates for the packages you currently have installed on your system, type:
$ dnf check-update
- To check if there are any security related updates for all packages installed on your system, type:
$ dnf --security check-update
- To update the entire packages installed on your system to the most up-to-date versions available for your distribution run:
$ dnf -y check-update
Exercise 6¶
Building Software from Source¶
All software/applications/packages originate from plain human-readable text files. The files are collectively known as source code. The RPM packages that are installed on Linux distros are born from source code.
In this exercise you are going to download, compile and install a sample program from its original source files. For convenience, source files are usually distributed as a single compressed file called a tar-ball (pronounced tar-dot-gee-zee).
The following exercises will be based on the venerable Hello project source code. hello is a simple command-line application written in C++, that does nothing more than print hello to the terminal. You can learn more about the project here - http://www.gnu.org/software/hello/hello.html
To download the source file¶
- Use curl to download the latest source code for the hello application. Let's download and save the file in the Downloads folder.
https://ftp.gnu.org/gnu/hello/hello-2.12.tar.gz
To un-tar the file¶
-
Change to the directory on your local machine where you downloaded the hello source code.
-
Unpack (un-tar) the tarball using the “tar” program. Type:
$ tar -xvzf hello-2.12.tar.gz
hello-2.12/
hello-2.12/NEWS
hello-2.12/AUTHORS
hello-2.12/hello.1
hello-2.12/THANKS
...<TRUNCATED>...
- Use the ls command to view the contents of your pwd.
A new directory named hello-2.12 should have been created for you during the un-taring.
- Change to the new directory. And list its contents. Type:
$ cd hello-2.12 ; ls
- It is always good practise, to review any special installation instructions that might be come with the source code. Those files usually have names like: INSTALL, README and so on.
Use a pager to open up the INSTALL file and read it. Type:
$ less INSTALL
Exit the pager when you are done reviewing the file.
To configure the package¶
Most applications have features that can be enabled or disabled by the user. This is one of the benefits of having access to the source code and being able to install from same. You have control over configurable features that the application has; this is in contrast to accepting everything a package manager installs from pre-compiled binaries.
The script that usually lets you configure the software is usually aptly named “configure "configure"”
-
Use the ls command again to make sure that you indeed have a file named configure in your pwd.
-
To see all the options you can enable or disable in the hello program type:
$ ./configure --help
!!! QUESTION: From the output of the command what does the “--prefix” option do?
- If you are happy with the default options that the configure script offers. Type:
$ ./configure
Note
Hopefully the configure stage went smoothly and you can go on to the compilation stage.
If you got some errors during the configure stage, you should carefully look through the tail-end of the output to see the source of the error. The errors are sometimes self explanatory and easy to fix. For example you might see an error like:
configure: error: no acceptable C compiler found in $PATH
The above error simply means that you don’t have a C Compiler (e.g. gcc) installed on the system or the compiler is installed somewhere that is not in your PATH variable.
To compile the package¶
You will build the hello application in the following steps. This is where some of the programs that come with the Development Tools group that you installed earlier using DNF come in handy.
- Use the make command to compile the package after running the “configure” script. Type:
$ make
...<OUTPUT TRUNCATED>...
gcc -g -O2 -o hello src/hello.o ./lib/libhello.a
make[2]: Leaving directory '/home/rocky/hello-2.12'
make[1]: Leaving directory '/home/rocky/hello-2.12'
If all goes well - this important make step is the step that will help generate the final hello application binary.
- List the files in your current working directory again. You should see some newly created files in there including the hello program.
To install the applictaion¶
Amongst other house keeping tasks, the final installation step also involves copying any application binaries and libraries over to the proper folders.
- To install the hello application run the make install command. Type:
$ sudo make install
/usr/local/ will be used.
To run the hello program¶
-
Use the whereis command to see where the hello program is on your system. Type: $ whereis hello
-
Try running the hello application to see what it does. Type: $ hello
-
Run hello again, with the --help option to see the other things it can do.
-
Using sudo, run hello again as a superuser. Type: $ hello
!!!TIP: It is good practice to test a program as a regular user to make sure that regular users can indeed use the program. It is possible that the permissions on the binary are set incorrectly such that only the super-user can use the programs. This of course assumes that you indeed want regular users to be able to use the program.
- That’s it, this lab is complete!