Computer Laboratory

Software installation under Unix

Introduction

This page covers software installation under the versions of Unix available in the Computer Lab - Ubuntu, Fedora, CentOS and debian. They use a mixture of software packages called RPMs and .debs, referred to below as packages.

What is an "RPM" ?

RPM Package Manager (originally Red Hat Package Manager, abbreviated RPM) is a package management system. It is used on Fedora and CentOS systems. The name RPM refers to two things: a software package file format, and a "low level" software tool which installs, updates, uninstalls, verifies and queries software packaged in this format. This page will use the convention that an RPM (upper case) is a file in the RPM format, but rpm (lower case) is the command which operates upon such files. The "higher level" command more normally used than rpm is yum.

What is a ".deb" ?

A .deb is similar, but different to, an RPM. It is used on Ubuntu and debian systems. The "low level" command is dpkg and the "higher level" command more normally used is apt-get.

What is a package ?

The software contained in a package may be a utility and all the extra files necessary to run that utility (libraries, configuration files etc), plus documentation. Often, however, a package will contain some of what you need but other things will be in other packages. For example, the utility xyz might make use of the shared library libwibble.so. The library libwibble.so might be used by a great many other utilities too, and if so it is likely to be in a package on its own rather than bundled into the same package as xyz. If this is the case then the xyz package is said to be dependent on the libwibble.so package, and you will need to install both (and possibly others as well as the libwibble.so package itself may be dependent on other packages, and so on).

Package file names normally have the following format: packagename-version-release.type
For example, finger-0.17-32.2.1.1.i386.rpm, is an RPM containing the utility finger, version 0.17, release 32.2.1.1 of this RPM, intended to be installed on an i386 system (this last part is often missing if the RPM can be installed on many different systems), which is an RPM. Unfortunately package file names are not always consistent and alphanumeric characters, "." and "-" may be used in any part of a package name, so things are ambiguous - e.g. java-1.4.2-gcj-compat-1.4.2.0-40jpp.110.i386, the packagename is java-1.4.2-gcj-compat, version 1.4.2.0, release 40jpp.110, for an i386 architecture.

There are also packages which contain the files necessary to generate other packages - these are known as "Source packages". They will have an additional .src as part of their name.

Useful rpm commands

  • rpm -qa: List all the RPMs installed on a given machine (missing off the .rpm extension)
  • rpm -q packagename: List the packagename-version-release part of the RPM name of an installed package called packagename, e.g. "rpm -q evince" returns evince-0.6.0-6.fc6.
  • rpm -q --qf '%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n' packagename: List the RPM name of an installed package called packagename, but with the component parts of the name separated out,
    e.g. "rpm -q --qf '%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n' finger" returns finger 0.17 32.2.1.1 i386
  • rpm -qi packagename: Display information about the installed package called packagename, e.g. "rpm -qi evince" returns
    Name        : evince                       Relocations: (not relocatable)
    Version     : 0.6.0                             Vendor: Red Hat, Inc.
    Release     : 6.fc6                         Build Date: Tue 12 Dec 2006 03:31:53 GMT
    Install Date: Thu 21 Dec 2006 04:04:53 GMT      Build Host: hs20-bc1-7.build.redhat.com
    Group       : Applications/Publishing       Source RPM: evince-0.6.0-6.fc6.src.rpm
    Size        : 2794278                          License: GPL
    Signature   : DSA/SHA1, Wed 20 Dec 2006 18:52:18 GMT, Key ID b44269d04f2a6fd2
    Packager    : Red Hat, Inc. http://bugzilla.redhat.com/bugzilla
    URL         : http://www.gnome.org/projects/evince/
    Summary     : Document viewer
    Description :
    evince is a GNOME-based document viewer.
    
  • rpm -qf filename: Find out which RPM a given file comes from. e.g. "rpm -qf /usr/bin/evince" returns evince-0.6.0-6.fc6.
  • rpm -qpl rpmname: List all the files that an RPM (in this directory) called rpmname will install.
  • rpm -ivh rpmname: Not particularly useful to most users who don't know root passwords, but included here for completeness. Install an RPM from a file (in this directory) called rpmname. This will fail unless run as root as the RPM needs to update the "installed package" database, which needs root privileges. It will also fail if the RPM depends on another package which is not yet installed - if you want to insist that it gets installed anyway add the --nodeps option.
  • rpm -e packagename_and_version: Uninstall a package - if there are multiple RPMs with the same packagename this will need both the name of the package and its version number, otherwise just the packagename. If other RPMs are dependent on this RPM then this will fail - you need to uninstall those other RPMs first.
  • rpm --rebuilddb: Rebuild the installed packages database if things get confused.
  • rpm -q --scripts packagename: Look at the scripts the RPM will run as part of the installation and uninstallation processes.(Of specialist interest only !)

Useful dpkg commands

  • dpkg -l $regexp: List all the packages matching $regexp, their status and a brief description.
  • dpkg -p $package: show information about $package.
  • dpkg -S $name: look for packages with the file $name.

Where can I find packages ? - "repositories"

A package repository is simply a collection of packages. Each distribution has its own standard repositories. There are some well known additionsl repositories (e.g. livna.org). The Lab also have several small local ones for home-grow packages (one for "all systems", one for each word length (i.e. 32-bit or 64-bit), and one for each distribution). The University Computing Service maintains a cache of the well know package repositories.

Each machine holds a list of the repositories to be searched when a particular package is requested. There are various "higher level" tools which can be used to install packages, such as yum (for RPMs) and apt-get (for .debs), which will look through this list and which will then fetch the package from the appropriate repository. So users can effectively select from a list of packages which we provide, because we provide the list of repositories. A few of the packages which users can install add extra repositories to the list which the commands search (they create a new file in /etc/yum.repos.d/ or /etc/apt/sources.list.d/) thereby allowing a user to "add" a repository to the set of those which are searched.

There can occasionally be problems using multiple repositories as they may contain incompatible packages. A well-known example is the mplayer utility. Both the freshrpms and livna repositories contain an "mplayer" package. They are actually different packages, containing different things, and they have different dependencies. Thus to install a working version of mplayer you need to specify that all of the packages it requires come from the same repository. (See below for a fix for this specifix problem.)

Gaining privilege: sudo, xsudo, cl-asuser

Users cannot login as root to install software, and hence will not have write access to the directories into which a package typically wants to put the files. There are various ways in which a user can temporarily be given the right to run certain commands, including those used to install software.

The main way in general to gain privilege is to use the sudo command. This allows a permitted user to execute a few or ALL commands as the superuser or another user, as specified in the file /etc/sudoers. Typically there will be a small number of commands that you can run on a given machine without giving a password - you can find out which with the "sudo -l" command:

User ab123 may run the following commands on this host:
    (ALL) ALL
    (root) NOPASSWD: /usr/bin/cl-asuser
    (root) NOPASSWD: /usr/bin/cl-mkscratchdir
    (root) NOPASSWD: /usr/bin/mkscratchdir

Any application which tries to open a window under X which is run as root cannot ordinarily connect to the X server because access to the users .Xauthority file is denied to root over NFS. In this case use xsudo which is a wrapper to sudo which ensures that the X window can be opened.

The output of "sudo -l" shown above shows that a user can typically run a number of commands without having to give a password (those shown with "NOPASSWD"). Among these commands for the registered user of a machine (the owner of the file /etc/user-config/bundles) will be the command cl-asuser - this allows the registered user to run a number of other "safe" commands with raised privileges. If a command is available under cl-user, it's generall better to use it rather than sudo, as it avoids having to type your password, and it may perform certain sanity checks. Type "cl-asuser --list" to see the available commands, for example

/usr/bin/cl-asuser: valid commands are:
 apt-get         aptitude        aticonfig       blkid           cdrecord
 cfdisk          chkconfig       chmod           chown           chroot
 cl-add-rpms     cl-hostid-fix   cl-isidle       cl-make-ownfiles
 cl-mkscratchdir cl-patch-file   cl-update-authorized-keys
 cl-update-system                cl-writedvdimage                dd
 debuginfo-install               dellmgr         dhclient
 dpkg-reconfigure                eject           envyng          ethtool
 ext2online      fdisk           fix.files       fsck            gdmsetup
 gparted         hdparm          ifconfig        invoke-rc.d     ip6tables
 ipmitool        ipt_recent      iptables        iwconfig        k3b
 list            lvm             mdadm           mdadm-E         mkdir
 mkfs            mknod           mkswap          modprobe        mount
 nspluginwrapper ntpdate         nvidia-xconfig  parted          partprobe
 passwd          pirut           pm-hibernate    pm-suspend
 pm-suspend-hybrid               pup             reiserfsck      repo-able
 resize2fs       restorecon      rm              rpm             semanage
 semodule        sensors         sensors-detect  service         setenforce
 setup-rc.d      sfdisk          shutdown        smartctl        ssh-wrong-host
 swapoff         swapon          system-config-display
 system-config-keyboard          system-config-language
 system-config-lvm               system-config-securitylevel
 system-config-soundcard         tune2fs         tw_cli          ufw
 umount          usermod         virsh           virt-install    virt-manager
 wifi-radar      xenguest-install                xenmon.py       xm
 yum             yum-complete-transaction        yumex
Note in particular the presence of the yum and apt-get commands in that list. cl-asuser imposes some restrictions on the arguments which can be passed to certain commands, protecting users from doing too much damage in some instances.

Software installation using yum

There are several tools available to install RPMs, the main one being the command lin interface yum. To install an extra RPM which is in one of the known repositories, use cl-asuser to run the yum command. yum stands for Yellowdog Updater Modified, being a modified version of a previous package management utility originally written for Yellow Dog Linux - it is now widely used by those versions of Linux which support RPMs (including Fedora Core).

Run the command "cl-asuser yum install packagename" where packagename is the name of a package. (On a 64 bit machine it may install the 32-bit and 64-bit versions of packagename if both are available. To avoid this use "cl-asuser yum install packagename.x86_64" instead.)

How do I know the name of the package ? If using yum then you can usually just guess - for example, the xfig utility is provided by the "xfig" package. There are some non obvious common examples, see below. Or there are some useful yum commands (all of which will take regular expressions as arguments):
  • "yum list packagename": list RPMs which match packagename
  • "yum provides filename": list RPMs which provide filename (or feature)
  • "yum search string": list RPMs which mention string in their info

For example, to install the utility xv run the command "cl-asuser yum install xv", which results in:

Loading "fastestmirror" plugin
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
CL-redhat                 100% |=========================|  951 B    00:00
livna                     100% |=========================| 1.1 kB    00:00
http://mirror.atrpms.net/fedoracore/6/i386/os/repodata/repomd.xml:
[Errno 12] Timeout: urlopen error timed out
Trying other mirror.
core                      100% |=========================| 1.1 kB    00:00
CL                        100% |=========================|  951 B    00:00
updates                   100% |=========================| 1.2 kB    00:00
freshrpms                 100% |=========================| 1.1 kB    00:00
CL-fedora                 100% |=========================|  951 B    00:00
extras                    100% |=========================| 1.1 kB    00:00
Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
http://ayo.uk3.freshrpms.net/fedora/linux/6/i386/freshrpms/repodata/primary.xml.gz:
[Errno 14] HTTP Error 502: Date: Tue, 03 Apr 2007 14:23:41 GMT
Content-Length: 610
Content-Type: text/html; charset=iso-8859-1

Trying other mirror.
primary.xml.gz            100% |=========================|  66 kB    00:00
http://ayo.ie.freshrpms.net/fedora/linux/6/i386/freshrpms/repodata/primary.xml.gz:
[Errno -1] Metadata file does not match checksum
Trying other mirror.
primary.xml.gz            100% |=========================|  64 kB    00:00
freshrpms : ################################################## 176/176
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for xv to pack into transaction set.
xv-3.10a-27.i386.rpm      100% |=========================|  39 kB    00:00
---> Package xv.i586 0:3.10a-27 set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 xv                      i586       3.10a-27         CL-redhat         1.6 M

Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 1.6 M
Is this ok [y/N]: y
Downloading Packages:
(1/1): xv-3.10a-27.i386.r 100% |=========================| 1.6 MB    00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: xv                           ######################### [1/1]

Installed: xv.i586 0:3.10a-27
Complete!
There are several things to observe in this example. The first is that there are several timeouts and other problems along the way - this is not unusual and does not indicate that the installation failed. The second is that you are asked for confirmation after the RPM is located, but before it is installed (the Is this ok [y/N]: line). If you want it to just do it without asking use the -y option to force a "yes" answer to all questions (i.e. "cl-asuser yum -y install xv").

It is highly recommended that any such additions are added to /etc/user-config/bundles (see below) with a suitable comment, so that your set of packages will be automaticly reloaded if a system re-install is needed.

You can also use yum remove to remove a package, e.g. "cl-asuser yum remove xv" would uninstall xv. Note that it ALSO removes anything which depends on that package, but NOT everything on which it depends. So you have to be careful what you remove as deleting "one" package can cascade and remove hundreds ! "yum install foo; yum remove foo" is not a no-op, as things on which foo depends will have been loaded on "install", but NOT deleted on "remove".

The mplayer problem:
It was stated above that it was sometimes necessary to specify that all of the packages a package requires come from the same repository. This can be done with the yum --disablerepo option. Thus to remove the broke packages that prevent the mplayer utility from working and to install a working set try:

cl-asuser yum -y remove faad2
cl-asuser yum -y remove libdvdnav
cl-asuser yum --disablerepo=freshrpms -y install faad2
cl-asuser yum --disablerepo=freshrpms -y install libdvdnav
cl-asuser yum --disablerepo=freshrpms -y install mplayer

Software installation using apt-get

The main operations install and remove are the same as for yum. However note that whereas "yum update" updates the RPM packages, "apt-get update" updates the meta data, and "apt-get upgrade" is used to actually upgrade the packages.

Non obvious package names

Many packages are named after the commands they provide. Unfortunately, some are less obvious, such as:
      acoread:                AdobeReader_enu
      startkde / KDE:         kdebase
      g++:                    gcc-c++
      alisp / acl:            CL-acl80.64
      tethereal:              wireshark

For a more up-to-date list of the non obvious package names, see the LinuxUserAdmin or debian wiki page

bundles

Users can manually add packages using one of the methods mentioned above. However, if the machine fails and has to be reloaded (or if the machine is to be cloned for another member of the group), these packages will have to be reloaded again manually unless records are kept to allow them to be installed automaticly. The names of bundles of packages to be added to a machine can be put into the file /etc/user-config/bundles and the standard management scripts will ensure the packages are added automaticly. The most basic "bundle" is a package name, e.g. "mplayer". The named package, and the ones on which it depends, will be loaded. The next level is to request all the packages in a "group" are added by having a line starting with an "@", then the group name, which normally starts with "R-", e.g. "@R-CL-basics" includes all the packages which are considered "basic" to convert a "std" install into one suitable for use in the Lab. Groups are a standard yum feature ("groupinstall", "groupremove") so RPM based systems use them. There isn't an equivalent for .deb systems, so they use files file, by default in /etc/manage-scripts/debs/. It is also possible to request that a package (or file) not be loaded by prefixing it with "NOT_", e.g. "NOT_httpd" will request that the httpd package not be loaded. A sample /etc/user-config/bundles file using all three is:
#1 Load mplayer to view AVI files etc
mplayer
#1 Load all the std basic CL packages
@R-CL-basics
#1 No need for HTTP server, so save space etc
NOT_httpd

The command cl-update-system will arrange to do whatever updates it thinks are needed. This is automaticly run once on any day that the machine is running, but can also be run by the nominated user (i.e. the owner of /etc/user-config/bundles). If there is nothing to do, it generates no output. If it hangs, try running it with the "-t" flag which traces what it is doing as it does it. It is actually a script which does a number of things - those relevant here being to update all existing packages, and to check that there are no new packages to be installed due to the contents of /etc/usr-config/bundles.

Alternatively you could run the constituent commands separately:

  • "cl-asuser yum update": (RPM) ensure all installed packages are up to date. If this fails, it might be worth running "yum clean all metadata dbcache" to clean things up.
  • "cl-asuser apt-get update; cl-asuser apt-get upgrade": (.deb) ensure all installed packages are up to date.
  • "cl-asuser cl-add-rpms -a": ensure all the bundled package as specified in /etc/user-config/bundles are installed. From time to time the bundles may change, and new packages may be added.