Sometimes, after we download an rpm package manually, would need to check the package integrity sha1 (md5) or signature to avoid problems once it’s installed or during the installation. Also, we may need to find other package information like vendor, description, summary. This post describes ways to check rpm package integrity as well as package information.
Checking rpm package integrity
Use the command “rpm -K –nosignature [rpm-file]“. For example:
# rpm --checksig sendmail-8.14.7-5.el7.x86_64.rpm sendmail-8.14.7-5.el7.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
The "md5 OK" message displayed means that the file was not corrupted by the download. Also, To see a more verbose message, replace -K with -Kvv in the command. For example:
# rpm -Kvv --nosignature rhn-client-tools-1.0.0.1-45.0.3.el6.noarch.rpm D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key D: loading keyring from rpmdb D: opening db environment /var/lib/rpm cdb:mpool:joinenv D: opening db index /var/lib/rpm/Packages rdonly mode=0x0 D: locked db index /var/lib/rpm/Packages D: opening db index /var/lib/rpm/Name rdonly mode=0x0 D: read h# 246 Header sanity check: OK D: added key gpg-pubkey-ec551f03-53619141 to keyring D: Using legacy gpg-pubkey(s) from rpmdb D: Expected size: 521888 = lead(96)+sigs(772)+pad(4)+data(521016) D: Actual size: 521888 rhn-client-tools-1.0.0.1-45.0.3.el6.noarch.rpm: Header SHA1 digest: OK (97188088ec13fe00b4845fe3ec9bf733cdb4f132) MD5 digest: OK (96ed25287226d30545906749b5d63901) D: closed db index /var/lib/rpm/Name D: closed db index /var/lib/rpm/Packages D: closed db environment /var/lib/rpm
View rpm package information
To show information about it, use the following command "rpm -qip [rpm-file]". For example:
# rpm -qip rhn-client-tools-1.0.0.1-45.0.3.el6.noarch.rpm Name : rhn-client-tools Relocations: (not relocatable) Version : 1.0.0.1 Vendor: Oracle America Release : 45.0.3.el6 Build Date: Mon 01 Oct 2018 10:53:34 AM EDT Install Date: (not installed) Build Host: x86-ol6-builder-04.us.oracle.com Group : System Environment/Base Source RPM: rhn-client-tools-1.0.0.1-45.0.3.el6.src.rpm Size : 2837189 License: GPLv2 Signature : RSA/8, Mon 01 Oct 2018 10:53:51 AM EDT, Key ID 72f97b74ec551f03 URL : https://fedorahosted.org/spacewalk Summary : Support programs and libraries for Unbreakable Linux Network Description : Unbreakable Linux Network Client Tools provides programs and libraries to allow your system to receive software updates from Unbreakable Linux Network.
To show the same information for an already installed package use the command "rpm -qi [rpm-file]". For example:
# rpm -qi rhn-client-tools Name : rhn-client-tools Relocations: (not relocatable) Version : 1.0.0.1 Vendor: Oracle America Release : 45.0.5.el6 Build Date: Wed 09 Jan 2019 09:35:26 AM EST Install Date: Tue 26 Feb 2019 10:40:04 AM EST Build Host: x86-ol6-builder-05.us.oracle.com Group : System Environment/Base Source RPM: rhn-client-tools-1.0.0.1-45.0.5.el6.src.rpm Size : 2827020 License: GPLv2 Signature : RSA/8, Wed 09 Jan 2019 09:36:17 AM EST, Key ID 72f97b74ec551f03 URL : https://fedorahosted.org/spacewalk Summary : Support programs and libraries for Unbreakable Linux Network Description : Unbreakable Linux Network Client Tools provides programs and libraries to allow your system to receive software updates from Unbreakable Linux Network.