Menu

RHSA:  Linux Package Management

No Comments

RHCSA Training: Package Management with rpm and yum/dnf

This guide consolidates the core concepts and practical skills for managing software packages on Red Hat Enterprise Linux (RHEL) using both the low-level rpm and high-level yum (or dnf) tools.

Part 1: Core Concepts – rpm vs. yum

Objective: To master the installation, removal, querying, and management of software packages on Red Hat Enterprise Linux (RHEL) using both low-level (rpm) and high-level (yum/dnf) tools.

Key Knowledge Areas:

  • The concept of a software package and dependency resolution.
  • Using rpm for direct package manipulation and queries.
  • Using yum (and its successor, dnf) for repository-based package management.
  • Understanding repositories and their configuration.
  • Performing system updates.

1. Core Concepts: What is a Package?

Think of a Linux software package as a meticulously organized box delivered to your house.

  • The Application: The main item you ordered (e.g., a text editor like nano).
  • Metadata: The packing slip that tells the system:
    • The package name and version.
    • What other “boxes” (libraries or programs) are required for it to work (dependencies).
    • Where to place the files on the system.
    • Scripts to run after installation or removal.
  • The Package File: On RHEL systems, these “boxes” have the file extension .rpm (Red Hat Package Manager).

Package Manager is the tool that opens the box, reads the slip, puts everything in the right place, and handles the paperwork.

2. The Low-Level Tool: rpm

The rpm command is the fundamental tool for handling .rpm files directly. It is powerful but has a critical limitation.

Key Limitation: rpm does not automatically resolve dependencies. If you try to install a package that requires another package, rpm will fail until you manually find and install all required dependencies first. This can lead to a frustrating “dependency hell.”

Essential rpm Commands for RHCSA

CommandDescriptionUse Case & Example
InstallInstalls a package from a local .rpm file.sudo rpm -ivh nano-2.9.8-1.el8.x86_64.rpm
-i: install
-v: verbose
-h: show progress hash marks
UpgradeUpgrades a package if installed; installs it if not.sudo rpm -Uvh nano-2.9.8-1.el8.x86_64.rpm
Erase/RemoveRemoves an installed package.sudo rpm -e nano
QueryChecks if a package is installed.rpm -q nano
Query InfoDisplays detailed package information.rpm -qi nano
Query ListLists all files installed by a package. (Crucial for troubleshooting)rpm -ql nano
VerifyVerifies the integrity of package files. Checks for changes, deletions, or permission modifications.rpm -V nano

Exam Tip: 

  • Use rpm when you are given a specific .rpm file to install or when you need to query/verify what is installed on the system.
  • For most other tasks, you will use yum.

3. The High-Level Tool: yum (and dnf)

To solve the dependency problem, Red Hat introduced yum (Yellowdog Updater, Modified). yum is a high-level wrapper around rpm that works with online repositories.

Key Advantage: 

  • yum automatically resolves, downloads, and installs all dependencies for you.

A Note on yum vs. dnf:

  • dnf is the next-generation version of yum. It is the default package manager in RHEL 8 and 9.
  • For the purposes of the RHCSA exam, yum and dnf are functionally equivalent. The commands are the same (e.g., yum install works, but it’s actually a link to dnf). You can use either command.

Essential yum/dnf Commands for RHCSA

CommandDescriptionExample
InstallInstalls a package and its dependencies from a repository.sudo yum install wget
RemoveRemoves a package and any dependencies that are no longer needed.sudo yum remove wget
UpdateUpdates all system packages to their latest versions. (A critical task!)sudo yum update
Update (specific)Updates a single package.sudo yum update nano
SearchSearches repository metadata for a package.yum search "text editor"
List InstalledChecks if a specific package is installed.yum list installed wget
InfoShows detailed information about a package (from the repository).yum info wget
ProvidesFinds which package provides a specific file. (Extremely useful!)yum provides /etc/passwd
HistoryViews a log of past yum transactions. Allows for undo/rollback.sudo yum history
sudo yum history undo 15

4. Understanding Repositories

Repositories (“repos”) are centralized online storage locations that hold thousands of .rpm packages and their metadata.

  • Official Repos: RHEL uses official Red Hat repositories (BaseOS, AppStream) that are enabled by subscription.
  • Repo Configuration: Repository definitions are stored as .repo files in the /etc/yum.repos.d/ directory. Each file tells yum the repository’s name, base URL, and whether it is enabled.
  • GPG Keys: Repositories are often signed with GPG keys for security. The system verifies package integrity using these keys.

Key Repository Command:

yum repolist all 

  • Lists all configured repositories (both enabled and disabled).

5. When to Use rpm vs. yum/dnf

ScenarioRecommended ToolReason
Installing from a downloaded .rpm filerpm -ivhDirect file manipulation.
Installing software by name from the internetyum installAutomatic dependency resolution.
Checking which files belong to a packagerpm -qlFast, low-level query.
Updating the entire systemyum updateSafely handles all dependencies.
Working on a system with no internet accessrpmYou must use locally stored packages.
Deep troubleshooting (e.g., verifying file integrity)rpm -VDirect access to the package database.

2. Using yum for Package Discovery and Installation

Objective: To demonstrate the practical use of yum for searching, inspecting, and installing software packages, which is a critical skill for the RHCSA exam.

Key Skills Demonstrated:

  • Accessing command-line help.
  • Searching repository packages with yum search.
  • Inspecting package details with yum info.
  • Installing packages with yum install.

Demo Walkthrough & Expanded Explanation

Step 1: Accessing the Terminal

All package management in a server environment is done via the command line. The Terminal is your primary interface.

  • Action: Open the Terminal via the Activities menu or use the keyboard shortcut Ctrl + Alt + T.

Step 2: Understanding yum --help

Before using any command, knowing how to access its built-in help is a fundamental sysadmin skill.

  • Command:bashyum –help
  • Output & Explanation: The output is a quick reference guide. For the RHCSA, you should be familiar with these common options:
    • install: Installs a package and its dependencies.
    • remove: Removes a package and any now-unneeded dependencies.
    • update: Updates all packages or a specified one.
    • search: Searches package names and descriptions for a keyword.
    • info: Displays detailed information about a package.
    • provides: Finds which package owns a specific file.
    • list: Lists packages based on criteria (e.g., list installed).

Exam Tip: If you forget a specific yum option during the exam, --help is your fastest and most reliable resource.

Step 3: Searching for Packages with yum search

You often know the function you need but not the exact package name. yum search is your tool for discovery.

yum search nano

  • Output & Explanation: The search looks through package names and descriptions. The key part of the output is:textName Exactly Matched: nano nano.x86_64 : A small text editorThis confirms the package exists and is named nano.
  • Testing for Non-Existent Packages:bashyum search helloOutput:No matches found.
    Explanation: This is a crucial troubleshooting step. If a package isn’t found, it means:
    1. The package name is incorrect.
    2. The required repository is not enabled or configured.
    3. The package simply doesn’t exist in your current repos.

Step 4: Inspecting Packages with yum info

Always inspect a package before installation. This is a best practice to avoid installing the wrong software.

yum info nano

  • Output & Explanation: The information provided is vital for system management:
    • Name: The exact package name (nano).
    • Version & Release: The specific software version (5.6.1). Critical for troubleshooting and compliance.
    • Architecture: The CPU architecture (x86_64).
    • Size: The download and install size (2.7 M). Important for systems with limited resources.
    • Repository: Which repo it comes from (appstream). Helps verify the source is trusted.
    • Description: A detailed summary of the package’s purpose.

Exam Tip: Use yum info to confirm you are about to install the correct package and to note its version.

Step 5: Installing Packages with yum install

This is the final step where the software is actually deployed to the system.

yum install nano

  • Output & Explanation (in the demo):textPackage nano is already installed. Dependencies resolved. Nothing to do. Complete!Explanation: This demonstrates that yum is intelligent. It checks the local database first and will not reinstall a package unnecessarily.
  • What a Real Installation Looks Like:
    If nano were not installed, yum would:
    1. List the package(s) to be installed.
    2. List all dependencies that will also be installed.
    3. Show the total transaction size and ask for confirmation: Is this ok [y/N]:
    4. You must type y and press Enter to proceed. The installation will then run automatically.

Key Takeaways for the RHCSA Exam

  1. The Standard Workflow: Your process for installing an unknown package should be: Search -> Info -> Install.
  2. yum Handles Dependencies Automatically: Unlike rpm, you do not need to manually find and install dependencies. yum resolves, downloads, and installs them all.
  3. Always Confirm: The yum install command will always prompt you before making changes. This is your last chance to abort if you see unexpected packages.
  4. Know Why a Package Might Not Be Found: If yum search returns nothing, you should be able to diagnose the potential causes (wrong name, missing repo).

By mastering this yum workflow, you ensure that you can efficiently and correctly manage software on a RHEL system, a core competency for the RHCSA exam.

3. Mastering the rpm Command

Objective: To demonstrate the practical use of the low-level rpm command for querying, verifying, and installing software packages. This is a critical skill for the RHCSA exam, especially for scenarios involving offline packages and deep system inspection.

Key Skills Demonstrated:

  • Querying package installation status.
  • Retrieving detailed package information.
  • Listing files owned by a package.
  • Verifying package integrity.
  • Identifying the package that owns a specific file.
  • Understanding the manual installation process and its limitations.

Demo Walkthrough & Expanded Explanation

Step 1: Accessing rpm Help

The rpm command is extensive. Knowing how to access its help is the first step to using it effectively.

  • Command:bashrpm –help
  • Key Flags for RHCSA: From the output, focus on these essential options:
    • -q, --query: The foundation for all query operations.
    • -i: Display package information (used with -q).
    • -l: List files in a package (used with -q).
    • -f, --file: Query the package that owns a file.
    • -V, --verify: Verify the integrity of package files.
    • -i, --install: Install a package.
    • -U, --upgrade: Upgrade a package.
    • -e, --erase: Remove (erase) a package.

Exam Tip: rpm --help gives a concise overview. For exhaustive detail, use the man page: man rpm.

Step 2: Querying Package Installation (rpm -q)

This is the most basic check to see if a package is installed.

rpm -q nano

  • Output (if installed):nano-5.6.1-7.el9.x86_64
    • Breakdown: nano (package name), 5.6.1 (version), 7.el9 (release for RHEL 9), x86_64 (architecture).
  • Output (if not installed): package nano is not installed

Step 3: Getting Detailed Package Information (rpm -qi)

This provides a “birth certificate” for an installed package, which is invaluable for auditing and troubleshooting.

rpm -qi nano

  • Key Information in Output:
    • Name, Version, Release: Precisely identifies the software build.
    • Architecture: Confirms it’s built for your system (e.g., x86_64).
    • Install Date: Tells you when the package was installed.
    • Group: Categorizes the software (e.g., Applications/Editors).
    • Signature: Crucially important. The RSA/SHA256 signature and Key ID verify that the package is a trusted, unaltered binary from Red Hat. This ensures security and integrity.
    • Description: Confirms the package’s purpose.

Step 4: Listing Package Files (rpm -ql)

This answers the question: “What files did this package actually put on my system?”

rpm -ql nano

  • Output & Explanation: You will see a list of every file installed by nano, including:
    • Binaries: /usr/bin/nano
    • Configuration Files: /etc/nanorc
    • Documentation: /usr/share/doc/nano/..., man pages.
  • Practical Use Case: If you find a strange file and want to know what software it belongs to, you can cross-reference it with this list. Conversely, if you know a configuration file was modified, you can verify its integrity (see next step).

Step 5: Verifying Package Integrity (rpm -V)

This is a powerful troubleshooting command that checks if files from an installed package have been changed from their original state.

rpm -V nano

  • Output & Explanation:
    • No Output: This is good! It means all files are unchanged.
    • If Output Appears: It lists files that have been modified, along with a flag indicating what changed. For example:
      • S – File size differs
      • M – Mode (permissions) differ
      • 5 – MD5 checksum differs (the content was modified)
      • U – User ownership differs
      • G – Group ownership differs
      • missing – The file is missing.

Exam Scenario: You are told a critical application is failing. Using rpm -V [package-name] can quickly tell you if its core binaries or config files have been accidentally altered or deleted.

Step 6: Identifying the Package Owning a File (rpm -qf)

This is the reverse of rpm -ql. It answers: “Which package does this file belong to?”

rpm -qf /usr/bin/nano

  • Output: nano-5.6.1-7.el9.x86_64
  • Practical Use Case: You find a command (/usr/bin/wget) and want to install the package that provides it. rpm -qf tells you the package name is wget. You can then install it with yum install wget.

Step 7: Installing a Package with rpm (rpm -ivh)

This demonstrates the manual installation process and its critical caveat.

sudo rpm -ivh nano-5.6.1-7.el9.x86_64.rpm

  • The Critical Limitation (Dependency Hell): If nano required a library called libmagic, the command would fail with an error like:texterror: Failed dependencies: libmagic.so.1()(64bit) is needed by nano-5.6.1-7.el9.x86_64You would then have to manually find the libmagic package, install it, and repeat for its dependencies—a tedious and error-prone process.

Key Takeaways for the RHCSA Exam

  1. rpm is for Inspection and Offline Installs: Its primary strength is querying the package database (-q) and verifying the system (-V-qf). Use it for installation (-ionly when you have a local .rpm file and are prepared to handle dependencies manually.
  2. yum/dnf is for Installation: For almost all installation tasks, use yum install. It automatically resolves dependencies from repositories.
  3. The Verification Workflow: rpm -V is a powerful, often-overlooked tool. Know how to use it to diagnose system issues.
  4. Know the Relationship: yum is a high-level tool that uses rpm underneath. When yum installs a package, it ultimately calls rpm to perform the installation after resolving dependencies.

By mastering these rpm commands, you demonstrate a deep understanding of how the RHEL package management system works, which is essential for passing the RHCSA exam and for effective system administration.

4. System Updates and Upgrade Management with yum

Objective: To demonstrate the practical use of yum for checking, applying, and auditing system updates. Keeping a system updated is a fundamental administrative task and is critical for the RHCSA exam.

Key Skills Demonstrated:

  • Checking for available updates.
  • Performing full system updates.
  • Updating specific packages.
  • Applying security-specific updates.
  • Reviewing update history for auditing and troubleshooting.

Demo Walkthrough & Expanded Explanation

**Step 1: Checking for Available Updates (yum check-update)

This is a “dry run” that scans all configured repositories to see what package updates are available without making any changes to the system.

sudo yum check-update

  • Output & Explanation:
    • If updates are available: It will list the packages with their current and available versions (e.g., kernel-5.14.0-284.el9.x86_64 -> kernel-5.14.0-305.el9.x86_64).
    • If no updates are available: The command returns to the prompt with no output. This is the expected behavior for “no news is good news” in this context.
    • Exit Codes: This command has specific exit codes useful for scripting: 0 for no updates, 100 for updates available, and other codes for errors.

Exam Tip: Use yum check-update to quickly assess the update state of a system without committing to an installation.

**Step 2: Performing a Full System Update (yum update -y)

This is the primary command for keeping a RHEL system current. It resolves dependencies, downloads all available updates, and installs them.

sudo yum update -y

  • Breakdown of the Command:
    • update: The action to upgrade all installed packages to their latest available versions.
    • -y: The “yes” flag. This automatically confirms the transaction prompt. Use with caution in production, but it’s essential for the exam to avoid manual input.
  • What Happens:
    1. yum calculates the transaction: which packages will be updated, installed, or obsoleted.
    2. It shows a summary and, without the -y flag, asks Is this ok [y/N]:.
    3. After confirmation, it downloads and installs all packages.
    4. Critical Point: A kernel update will require a system reboot to activate.

Exam Tip: If an exam task says “update the system,” sudo yum update -y is the command to use. Be prepared that a kernel update might be part of it.

**Step 3: Upgrading the System (yum upgrade -y)

In modern RHEL (versions 7+), yum update and yum upgrade are functionally identical. Historically, upgrade was more aggressive about removing obsolete packages. For the RHCSA, you can treat them as the same.

sudo yum upgrade -y

  • Practical Advice: The Red Hat documentation often recommends using yum update. For the exam, if the task says “upgrade,” using upgrade is safe, but update will achieve the same result.

**Step 4: Updating a Specific Package (yum update <package_name>)

You often need to update a single application without updating the entire system.

sudo yum update bash

  • Output & Explanation: If the package is already the latest version, you will see Nothing to do. Complete!. If an update is available, yum will perform the update for bash and only its dependencies, not every package on the system.
  • Use Case: This is useful for applying a specific bug fix or security patch for a single service.

**Step 5: Applying Security Updates (yum update --security)

This is a critical command for maintaining system security. It filters available updates to install only those that fix security vulnerabilities.

sudo yum update –security

  • Prerequisite: This requires your system to be subscribed to the official Red Hat repositories, as they provide the metadata that classifies an update as a security fix.
  • Exam Relevance: A task might ask you to “apply all available security patches.” This is the command to use.

**Step 6: Reviewing Update History (yum history)

This is your system’s “flight recorder.” It provides a complete audit trail of all yum transactions, which is invaluable for troubleshooting.

sudo yum history

  • Output Interpretation: The history list shows:
    • ID: A unique transaction number.
    • Command: The exact command that was run (e.g., updateinstall nano).
    • Date and Time: When the action occurred.
    • Action(s): What was done (Installed, Updated, Erased, etc.).
    • Altered: The number of packages affected.
  • Powerful Follow-up Commands:
    • sudo yum history info <ID>: Shows detailed information about a specific transaction, including all packages that were changed.
    • sudo yum history undo <ID>This is a lifesaver. It attempts to reverse the transaction with the given ID. For example, if an update broke an application, you can undo it to revert to the previous state.

Exam Tip: If you make a mistake during the exam (e.g., remove the wrong package), yum history and yum history undo are your best friends for recovery.

Key Takeaways for the RHCSA Exam

  1. Know the Core Update Command: sudo yum update -y is the workhorse for updating the entire system.
  2. Understand check-update vs. update: Use the first to see what’s available; use the second to actually perform the update.
  3. Specific Package Updates: You can update a single package by naming it (e.g., yum update kernel).
  4. Security is a Priority: Know how to apply only security-related patches using yum update --security.
  5. Audit and Rollback: yum history is not just for logging; it’s a powerful troubleshooting and recovery tool. You must be comfortable using it to inspect past actions and undo them if necessary.

5. Package Lifecycle Management with yum

Objective: To demonstrate the complete lifecycle of a software package using yum, from installation and verification to removal. This is a fundamental, hands-on skill required for the RHCSA exam.

Key Skills Demonstrated:

  • Installing a package and its dependencies with yum install.
  • Verifying installation using both rpm and yum history.
  • Removing a package cleanly with yum remove.
  • Confirming package removal.

Demo Walkthrough & Expanded Explanation

Step 1: Installing a Package (yum install)

The yum install command is the standard method for adding software from configured repositories. Its key advantage is automatic dependency resolution.

sudo yum install httpd

  • What Happens & What to Observe:
    1. Dependency Resolution: yum calculates that httpd requires other packages to function. It doesn’t just install one package; it installs 11 in this case.
    2. Transaction Summary: Before doing anything, yum presents a summary:
      • Packages to Install: Lists the main package and all dependencies.
      • Total Download Size: Shows the network bandwidth required.
      • Total Installed Size: Shows the disk space that will be used.
    3. User Confirmation: The prompt Is this ok [y/N]: is a critical safety check. You must type y and press Enter to proceed.
    4. Completion: The Complete! message indicates a successful installation.

Exam Tip: Always read the transaction summary. It ensures you are not accidentally installing unwanted or conflicting packages.

Step 2: Verifying Installation

After any installation or removal, verification is a crucial step.

Method 1:  rpm -q (Direct Query): rpm -q httpd

Method 2: yum history (Audit Trail): sudo yum history

  • Output Interpretation: You look for the transaction with the action Install and the command install httpd.
  • Why it’s Powerful: This provides an audit log. You can see the transaction ID (e.g., ID 2), which allows you to investigate further or even undo the action.

Step 3: Removing a Package (yum remove)

The yum remove command cleanly uninstalls a package and any dependencies that are no longer needed by other software.

sudo yum remove httpd

  • What Happens & What to Observe:
    1. Transaction Summary: yum shows the packages that will be removed. Notice they are often highlighted in red, providing a clear visual warning.
    2. User Confirmation: Again, you must confirm with y. This prevents accidental removal of critical software.
    3. Cleanup: yum intelligently removes the specified package and any dependencies that were installed with it and are not required by other packages.
    4. Completion: The Complete! message confirms successful removal.

Step 4: Verifying Removal

The final step is to confirm the package is truly gone.

rpm -q httpd

  • Output: package httpd is not installed
  • Explanation: This is the definitive confirmation that the package has been uninstalled from the system.

Key Takeaways for the RHCSA Exam

  1. The Standard Lifecycle Workflow is: Install -> Verify -> Remove -> Verify.
  2. yum handles dependencies automatically in both installation and removal. This is the primary reason to use it over rpm for these tasks.
  3. Always confirm the transaction. The Is this ok [y/N] prompt is your last chance to abort. On the exam, you must type y to proceed.
  4. Verification is not optional. Use rpm -q for a quick check and yum history for a detailed audit log. The exam may ask you to verify your work, and this is how you do it.
  5. yum history is your safety net. If you accidentally remove the wrong package during the exam, you can use sudo yum history undo <ID> to revert the transaction, where <ID> is the transaction number from the yum history list.

6. Manual Package Management with rpm

Objective: To demonstrate the process and, more importantly, the practical limitations of using the low-level rpm command for package installation. This highlights why yum/dnf is the preferred tool and clarifies the exam expectations.

Key Skills Demonstrated:

  • Downloading a local .rpm file using dnf download.
  • Attempting installation with rpm -ivh.
  • Understanding and identifying dependency errors.
  • Resolving the situation using the correct tool (yum install).

Demo Walkthrough & Expanded Explanation

**Step 1: Downloading the Package File (dnf download)

Since rpm works with local files, the first step is to acquire the .rpm file.

dnf download httpd

  • Output & Explanation: This command fetches the httpd-2.4.62-4.el9.x86_64.rpm file from the enabled repositories and places it in your current working directory. It does not install the package.
  • Verification:bashlsThe file will be listed, often highlighted in red to indicate it’s an archive/package file.

**Step 2: The Installation Attempt (rpm -ivh)

This step demonstrates the core weakness of using rpm for installation.

sudo rpm -ivh httpd-2.4.62-4.el9.x86_64.rpm

  • Breakdown of Flags:
    • -i: Install
    • -v: Verbose (shows details)
    • -h: Print hash marks (#####) as a progress bar.
  • The Inevitable Outcome: Dependency Failures.
    • Output: You will see errors like:texterror: Failed dependencies: httpd-core = 2.4.62-4.el9 is needed by httpd-2.4.62-4.el9.x86_64 system-logos-httpd is needed by httpd-2.4.62-4.el9.x86_64
    • Explanation: The httpd package is a meta-package that relies on other packages (like httpd-core) to function. The rpm command sees that these required packages are not installed and aborts the entire operation. It will not proceed until you manually find, download, and install every single dependency, which can lead to a “dependency hell.”

**Step 3: The Correct Solution (yum install)

The demo correctly pivots to using the high-level tool to solve the problem rpm cannot.

sudo yum install httpd

  • Why This Works:yum does not rely on a local file. It:
    1. Analyzes the dependency tree for the httpd package.
    2. Calculates all required packages.
    3. Downloads everything needed from the repositories.
    4. Uses rpm internally to install all components in the correct order.
  • Exam Relevance: This is the standard, correct method for installing software from repositories.

**Step 4: Cleaning Up the Local File

After the installation is complete, the local .rpm file is no longer needed.

rm httpd-2.4.62-4.el9.x86_64.rpm

  • Verification: Use ls to confirm the file has been deleted.

Critical Analysis: Key Takeaways for the RHCSA Exam

  1. rpm -ivh is for Local Files, Not Package Names: You cannot run rpm -ivh httpd. You must have the local .rpm file first. Use dnf download to get it.
  2. rpm Does Not Resolve Dependencies: This is the single most important point. The rpm command is a low-level tool that installs only what you tell it to install. It will fail if any prerequisites are missing.
  3. yum/dnf is the Solution to Dependency Hell: The primary role of yum is to be a dependency resolver. It finds and installs all required packages automatically.
  4. When to Use rpm for Installation on the Exam:
    • Only when explicitly instructed to install from a specific, provided .rpm file path (e.g., Install the package from /tmp/mypackage.rpm).
    • In such a case, you must be prepared for dependency errors. The exam question might be testing your ability to resolve them manually or your understanding that the failure is due to dependencies.
  5. The Standard Workflow is yum install: For 99% of tasks, if you are asked to “install a package,” the intended method is yum install [package_name].

Summary: rpm vs. yum for Installation

ScenarioCommandHandles Dependencies?Use Case
Install from repositoriessudo yum install httpdYesDefault, recommended method
Install a local .rpm filesudo rpm -ivh package.rpmNoManual installs; offline environments
Download a local .rpm filednf download httpdN/APreparing for a manual rpm installation

7. Creating a Local YUM Repository

Objective: To demonstrate the process of creating a local YUM repository by mounting an ISO image and configuring the system to use it as a software source. This is a critical skill for managing systems in isolated environments without internet access.

Key Skills Demonstrated:

  • Mounting an ISO file as a loop device.
  • Creating a custom YUM repository configuration file.
  • Verifying the repository is correctly recognized.
  • Understanding repository configuration parameters.

Demo Walkthrough & Expanded Explanation

Step 1: Preparation – The ISO File

The foundation of a local repository is the package source. For RHEL, this is typically the installation ISO.

  • The Source: rhel7.iso (or the equivalent for your RHEL version). This file contains all the packages in the Packages/ directory and the necessary metadata (repodata/).
  • Verification: ls pwd Confirms the ISO is present and notes its full path (/root/rhel7.iso in this case).

Step 2: Creating the Mount Point

A mount point is simply an empty directory that will act as an access point for the contents of the ISO.

sudo mkdir -p /mnt/rhel
  • Breakdown:
    • mkdir: Creates a directory.
    • -p: Creates parent directories if they don’t exist. This ensures /mnt is created if needed.
    • /mnt/rhel: A standard, descriptive location for a temporary filesystem mount.

Step 3: Mounting the ISO File

This step makes the contents of the ISO file accessible to the system as if it were a physical DVD-ROM.

sudo mount -o loop /root/rhel7.iso /mnt/rhel
  • Breakdown:
    • mount: The command to attach a filesystem.
    • -o loop: Treats the regular file (rhel7.iso) as a block device (like a CD-ROM).
    • /root/rhel7.iso: The source file.
    • /mnt/rhel: The target mount point.
  • Expected Warning: WARNING: ... read-only. This is normal. ISO filesystems are inherently read-only.

Step 4: Creating the Repository Configuration File

This is the core of the setup. It tells yum where to find the local repository.

/etc/yum.repos.d/local.repo
  • File Location:
  • /etc/yum.repos.d/local.repo
    • yum reads all files with the .repo extension in this directory.
  • Command to Create/Edit:
sudo nano /etc/yum.repos.d/local.repo
  • Configuration Content:ini[LocalRepo] name=RHEL7 Local Repo baseurl=file:///mnt/rhel enabled=1 gpgcheck=0
  • Parameter Breakdown:
    • [LocalRepo]: A unique ID for the repository. This is what yum commands will reference.
    • name: A human-readable description.
    • baseurl=file:///mnt/rhelCrucial. This specifies the location using the file:// protocol, pointing to our mount point. Note the three slashes (file:///).
    • enabled=1: Tells yum this repository is active.
    • gpgcheck=0: Disables GPG signature checking. In a production environment, this is a security risk. It’s used here for simplicity. The best practice is to set gpgcheck=1 and import the Red Hat GPG key with rpm --import /mnt/rhel/RPM-GPG-KEY-redhat-release.
[LocalRepo]: 
name: CentOS RHEL 9.6 - BASEOS
baseurl=file:///mnt/rhel:
enabled=1
gpgcheck=0
CentOS-Stream-BaseOS.repo
[baseos]
name=CentOS Stream 10 - BaseOS
baseurl=https://mirror.stream.centos.org/10-stream/BaseOS/x86_64/os/
gpgcheck=0
enabled=1
gpgkey=https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official
sslverify=0

Step 5: Verification

Always verify your setup to ensure yum can see and use the new repository.

  • Verify the Mount:
    • lsblk
      • Look for a loop device with its mount point listed as /mnt/rhel.
  • Verify the Repository:
    • yum repolist
      • This is the definitive check. Look for LocalRepo in the output. If it appears, the configuration is successful.
  • Test Functionality:
    • yum –disablerepo=”*” –enablerepo=”LocalRepo”
      • list availableThis command disables all other repositories and lists packages available only from your new local repo, confirming it’s working.

Key Takeaways for the RHCSA Exam

  1. Purpose: Local repositories are essential for air-gapped systems or for conserving bandwidth. The exam may present a scenario without internet access.
  2. The Four-Step Process:
    • Create Mount Point: mkdir -p /mnt/rhel
    • Mount the ISO: mount -o loop /path/to/iso /mnt/rhel
    • Create Repo File: Create a .repo file in /etc/yum.repos.d/ with the correct baseurl.
    • Verify: Use yum repolist to confirm.
  3. Understand baseurl: The file:/// protocol and the absolute path to the mount point are critical. A single typo here will cause the repository to fail.
  4. Security vs. Practicality: Know what gpgcheck=0 does. While used here for simplicity, be prepared to import a GPG key if required by an exam question.
  5. Persistence: This mount is temporary (non-persistent). To make it survive a reboot, you would need to add an entry to /etc/fstab. For a one-time exam task, this is likely not required, but understanding the concept is valuable.

Leave a Reply

Your email address will not be published. Required fields are marked *

About

Enter your site info here.

Recent Posts