Advantages of using package managers
From Notes_Wiki
Home > CentOS > CentOS 6.x > System administration tools > Package management tools > Advantages of using package managers
Advantages of use of package manager over installation using sources are:
- Files associated with a given package can be listed
- rpm -ql <package name>
- For a given file, package it is associated with can be listed.
- rpm -qf <file-path>
- All files associated with a given package can be removed, even if they're spread out over multiple directories.
- rpm -e <package-name>
- Dependencies for package on other packages or files can be listed
- rpm -qR <package-name> #OR
- yum deplist <package-name>
- Dependencies are downloaded and installed automatically through repositories
- We can check when the last package was installed (that is system was updated), which packages was installed last and when each package was was installed using:
- rpm -qa --last
- Other packages dependent on given package can be listed
- yum remove <package-name> (Can cancel with N)
- Dependent packages are automatically removed when a package is removed
- Cryptographic security ensuring package is not tampered is available
- Handled by yum automatically. Keys are installed in /etc/pki/rpm-gpg folder. Installation works only if package is properly signed
- Upgrading of packages does not overwrites modified configuration files
- Results into .rpmnew or .rpmsave files
- Packages installed by package managers can be updated using package managers easily. This is very important to ensure that all security fixes get applied. In case of sources alternate would be to manually check whether new version of a package is available, try it on a test machine and then deploy it on development machine after taking necessary backup of configuration file. With any decent number of machines or decent number of packages installed on machines using sources, the situation should soon become unmanageable
- yum -y update
- Packages installed via package manager can be downgraded in case of problem
- All packages installed with a particular version of OS are treated as base version. All updates installed afterwards are called updates. If installation of an update leads to system instability or unexpected application behaviour etc. then the package can be downgraded to previous version using:
- yum downgrade <package-name>
-
- This allows one to roll-back updates. Typically large number of users who share the same update notice such problems and a newer bug-fixed version is released within weeks.
- All packages installed with a particular version of OS are treated as base version. All updates installed afterwards are called updates. If installation of an update leads to system instability or unexpected application behaviour etc. then the package can be downgraded to previous version using:
- Package managers ensure that one package does not overwrites file created by another package
- Results into conflicts
- Installation via package manager is fast
- This is because no configure or build step is necessary
- Installation via package manager can be automated very easily
- Installing via package manager uses one consistent syntax across all packages. Hence automation of package based installation is easy. Safe, secure and reliable automation of installation by sources is very tricky due to many reasons such as:
- Detection of whether package is already installed in hard
- Ensuring existing important files are not overwritten is not easy
- Verifying that sources are not tampered is not easy
- Ensuring all the required dependencies of given program being installed are present and are of correct version requires considerable work. Note that ./configure will check if dependencies are present and are of correct version, but it won't install them. The goal is not only to check whether dependencies are present or not, but to install them when required, so that overall installation is successful and can be relied upon.
- Installing via package manager uses one consistent syntax across all packages. Hence automation of package based installation is easy. Safe, secure and reliable automation of installation by sources is very tricky due to many reasons such as:
- Packages installed via package manager ensure consistency among other packages and contribute to overall stability of system
- In distributions such as Cent-OS all packages installed are at least few years old and have been bug-fixed after being used on Desktop editions such as Fedora for considerable time. Although this means that any package takes about 3-4 years before it is available in Cent-OS, this results into very stable system as bleeding edge (very new) packages are not available. Installation of source leaves the version selection choice to installer who always tend to install latest version. It should be noted that even latest stable version is not as stable as a three/four year old version where bug-fixes are back-ported.
- Other example of consistency is to consider three packages A, B and C where B requires A to have version >1.0 and C requires A to have version<=1.0. It should be clear from these constraints that any system cannot have all three A, B and C installed at the same time. But with sources this is easily achievable as follows:
- First install version of A >1.0 using sources
- Now install B whose configure script will not report any error
- Now try to install C and see error message.
- Given the lack of knowledge or available methods to check importance of current version of A. Simply download another version of A as required by C and install by source, overwriting previous installation completely without any warning or error.
- Now install C whose installation will succeed without any problem.
- Congratulations! You have just installed three applications which can never be installed together at the same time, guaranteeing instability.
- Modifications to files installed via package can be detected in terms of
- S file Size differs
- M Mode differs (includes permissions and file type)
- 5 MD5 sum differs
- D Device major/minor number mismatch
- L readLink(2) path mismatch
- U User ownership differs
- G Group ownership differs
- T mTime differs
- P caPabilities differ
-
- Use 'rpm -V <package-name>' to get above details for every file for a package where one or more of the listed eight parameters has changed.
- Once it is verified that files have been modified, if original version is required then it can be reinstalled easily.
- yum reinstall <package-name>
- Package which provides a certain executable, library or configuration file can be searched
- yum provides */<file-name>
- Conserving package cache and reusing it on other machines to save time and Internet bandwidth is easy and consistent.
- All packages are downloaded to '/var/cache/yum' before they are installed. One can set 'keepcache=1' in '/etc/yum.conf' to configure yum to leave packages after installation without deleting them. Now folder '/var/cache/yum' can be rsynced to other machines '/var/cache/yum' folder. This way packages which are already present will not get re-downloaded. If reclaiming space is important one can use 'yum clean packages' or 'yum clean all' to reclaim space occupied by cache.
The only reported advantage of using sources is that system specific details allow optimization of binary such that it can improve performance. Almost everyone claiming so also follows this statement with the fact that such improvements are often negligible or marginal.
References
References for understanding and learning rpm and yum properly:
- Information on restoring original files if package was installed via RPM is at https://www.g-loaded.eu/2012/03/26/restore-original-configuration-files-from-rpm-packages/
- Detailed information on RPM and yum is available at https://www.ibm.com/developerworks/linux/library/l-lpic1-v3-102-5/?ca=drs-
- RPM uses a fairly complex logic while upgrading a package to decide fate of configuration files. The logic is described in detail at http://www.rpm.org/max-rpm/ch-rpm-upgrade.html
Home > CentOS > CentOS 6.x > System administration tools > Package management tools > Advantages of using package managers