Red Hat Packages

1. RPM Packaging Basics

Red Hat systems use the RPM Package Manager (RPM) to handle software distribution, ensuring consistency, ease of installation, and maintenance.

Key Components of an RPM Package

1. Metadata:

Information about the package (e.g., name, version, release, license).

2. Compiled Binaries:

Executables and libraries required for the software to function.

3. Configuration Files:

Default settings, typically stored in /etc.

4. Scripts:

Pre- and post-install/uninstall scripts for setup and cleanup tasks.

2. The Spec File

The spec file, located in ~/rpmbuild/SPECS, defines how an RPM package is built and what it contains. It is the blueprint of the package.

Key Sections of a Spec File

1. Header

Contains metadata such as package name, version, and license.

2. Build Requirements

Specifies dependencies needed during the build process (e.g., BuildRequires: gcc).

3. Source and Patch Definitions

Points to source tarballs and patch files.

4. Build Instructions

Includes build steps, typically using make or similar tools.

5. File List

Defines the files and directories included in the package.

6. Changelog

Tracks changes made to the package over time.

3. Basic RPM Commands

Managing RPM Packages

Install a Package

sudo rpm -ivh package.rpm

Upgrade a Package

sudo rpm -Uvh package.rpm

Query Installed Packages

rpm -q package-name

Verify a Package

rpm -V package-name

Remove a Package

sudo rpm -e package-name

Building RPM from source

rpmbuild -ba ~/rpmbuild/SPECS/package.spec

4. YUM and DNF Package Managers

YUM and DNF are tools built on top of RPM to handle package management with automatic dependency resolution.

Install a Package

sudo dnf install package-name

Remove a Package

sudo dnf remove package-name

Update all Packages

sudo dnf update

Search for a package

dnf search package-name

List installed Package

dnf list installed

5. Patching RPM Packages

Patching involves modifying a package to fix vulnerabilities, add customizations, or remove branding. It ensures packages meet specific security or functional requirements. Patching Workflow

1. Extract the Source RPM

pmbuild --rebuild package.src.rpm

2. Apply the Patch

Patch1: my-patch.patch

Apply the patch during the build process

%prep
%setup -q
%patch1 -p1

3. Build the Patched Package

rpmbuild -ba ~/rpmbuild/SPECS/package.spec

4. Verify the Package (Check Integrity)

rpm -K package.rpm

6. Golden Images

A golden image is a pre-configured template system image used for deploying systems quickly and consistently.

Golden Image Best Practices

  1. Start with a Minimal Base

  2. Apply Customizations

  3. Include Patches

  4. Regular Updates

  5. Validation