rpm
Low-level tool to install, query, and verify RPM packages
By CMD Script Team · 4 min read · Last updated
rpm [OPTIONS] [PACKAGE...]Options
| Flag | Description |
|---|---|
-i | Install a package from a local .rpm file |
-q | Query whether a package is installed and show its version |
-e | Erase (uninstall) an installed package |
-qa | Query all: list every package currently installed |
-U | Upgrade a package, installing it even if no earlier version exists |
-V | Verify an installed package's files against its recorded checksums/permissions |
-qi | Query and show detailed information about a package |
-qf | Query which package owns a given file, e.g. rpm -qf /usr/bin/nginx |
Distribution compatibility
- RHEL
- CentOS
- Fedora
- openSUSE
- Amazon Linux
What it does
rpm (RPM Package Manager) works directly with .rpm package files: installing,
querying, verifying, and removing them. It's the low-level engine underneath
higher-level tools like yum and dnf, but unlike them, rpm does not reach out to
any repository and does not resolve dependencies — it only acts on the exact package
file (or installed package name) you give it. That makes it precise and fast for
direct package inspection and installs from a local file, but it will simply refuse to
install a package whose dependencies aren't already satisfied, which is exactly the gap
yum/dnf exist to fill.
Beginner examples
rpm -ivh package.rpm— install a package from a local file, showing progress hash marks (-h) and verbose output (-v)rpm -q nginx— check whethernginxis installed and print its version if sorpm -qa— list every package currently installed on the systemrpm -e nginx— uninstall (erase) thenginxpackage
rpm -ivh ./custom-tool-2.1.0.rpm
Advanced examples
- Show detailed metadata about an installed package:
rpm -qi nginx - Find out which package owns a specific file on disk:
rpm -qf /etc/nginx/nginx.conf - List the files a package installed:
rpm -ql nginx - Verify an installed package's files haven't been modified since install:
rpm -V nginx - Upgrade to a newer version of a package from a local file, even if none is currently
installed:
rpm -Uvh nginx-1.25.0.rpm
rpm -qa | grep -i openssl
Common mistakes
- Running
rpm -i package.rpmon a package with unmet dependencies and getting a "Failed dependencies" error, then trying to manually chase down every dependency by hand instead of usingyum/dnf install ./package.rpm, which resolves them automatically. - Confusing
-i(install) with-U(upgrade) —-Uinstalls even if no prior version exists, while plain-iwill refuse to "upgrade" over an existing installation of the same package. - Forgetting
-qarequires the-q(query) mode — runningrpm -aalone is not a valid combination and does nothing useful. - Expecting
rpm -eto remove dependent packages automatically — it only removes the named package and errors out if something else still depends on it.
Tips
- Combine
rpm -qawithgrepto quickly check whether something specific is installed, e.g.rpm -qa | grep -i python3. rpm -qf /path/to/fileis a fast way to identify what installed a mysterious binary or config file when investigating an unfamiliar system.- Use
rpm -qpi package.rpm(note the extrapfor "package file") to inspect metadata of an.rpmfile before installing it.
Best practices
- Prefer
yum/dnf install ./file.rpmover rawrpm -ifor anything with dependencies, since it resolves them automatically instead of failing outright. - Use
rpm -Vperiodically (or as part of a security audit) to detect unexpected changes to files belonging to installed packages. - Keep a habit of checking
rpm -qibefore removing an unfamiliar package, to understand what it provides and whether anything depends on it.
Try it yourself
A simulated shell with a sample home directory — experiment freely, nothing leaves your browser. Type help to list supported commands.
Real-world use cases
- Installing a vendor-provided or custom-built
.rpmthat isn't available in any configured repository. - Auditing a server for installed package versions during a vulnerability review, e.g.
rpm -q openssl. - Tracing an unexpected file or binary back to the package that installed it during incident investigation.
Common interview questions
- What's the key difference between rpm and yum/dnf?
rpminstalls/queries exact package files without resolving dependencies;yum/dnfadd repository management and automatic dependency resolution on top of the same underlying RPM package format. - How would you install an RPM file that has unmet dependencies? Use
yum install ./file.rpmordnf install ./file.rpminstead of rawrpm -i, since those tools will fetch and install the missing dependencies from configured repositories. - How do you find out which installed package a specific file belongs to?
rpm -qf /path/to/file.
Frequently Asked Questions
Why does rpm -i sometimes fail with 'Failed dependencies'?
rpm installs exactly the package file you give it and does not fetch or resolve dependencies on its own. If the package needs libraries or other packages that aren't already installed, rpm refuses to install it; use yum/dnf install ./file.rpm instead, which resolves and installs dependencies automatically.
How do I check which package a file on disk belongs to?
rpm -qf /path/to/file reports the name of the installed package that owns that file, which is useful when tracking down where a binary or config file came from.
How do I list every package installed on a system?
rpm -qa lists all installed packages; pipe it through grep to search for one, e.g. rpm -qa | grep openssl.
What's the difference between rpm -e and yum remove?
rpm -e removes exactly the named package and fails if other installed packages depend on it; yum remove also handles dependency-aware removal and can cascade to remove packages that depended solely on the one being removed.
Cheat sheet
Download a quick-reference cheat sheet for rpm.