Master RPM: 20 Essential rpm Commands for Red Hat-Based Linux (Install, Query, Verify, Rebuild)

RPM commands are the foundation of package management on Red Hat-based Linux distributions such as RHEL, CentOS, Fedora, Rocky, and AlmaLinux. Whether you are installing a single local package, checking signatures before trust-based installs, querying file ownership, verifying integrity, or repairing a corrupted RPM database, knowing the right rpm command and flags saves time and prevents system breakage. This guide presents 20 practical rpm commands with realistic example output and clear explanations so you can confidently manage .rpm packages on servers and workstations. Each example demonstrates common real-world scenarios administrators encounter when maintaining RPM-based systems.

Core RPM commands and examples

The following examples cover signature checks, installs, dependency queries, updates, removals, queries, verification, key management, and database recovery. Each block shows the exact command and a representative output, followed by a short explanation of flags and what the output means.

rpm --checksig hardinfo-2.0.11-FedoraLinux-39.x86_64.rpm

hardinfo-2.0.11-FedoraLinux-39.x86_64.rpm: digests OK

The –checksig option checks the package signature and digest to validate integrity and authenticity. “digests OK” indicates the package checksum matches and the package is not corrupted. If a GPG signature is present it will also show “pgp OK” when the key is trusted.

rpm -ivh hardinfo-2.0.11-FedoraLinux-39.x86_64.rpm

Preparing... ################################# [100%]
Updating / installing...
1:hardinfo-2.0.11-1 ################################# [100%]

The -i installs a package, -v enables verbose output, and -h prints hash marks showing progress. The example shows a successful install of hardinfo with progress indicators.

rpm -qpR hardinfo-2.0.11-FedoraLinux-39.x86_64.rpm

libX11.so.6()(64bit)
libatk-1.0.so.0()(64bit)
libc.so.6()(64bit)
libcairo.so.2()(64bit)
gtk+-3.0

The -q queries, -p operates on an RPM file (not installed package), and -R lists runtime dependencies required by the package. Use this before installation to ensure dependencies are available in repositories.

rpm -ivh --nodeps hardinfo-2.0.11-FedoraLinux-39.x86_64.rpm

Preparing... ################################# [100%]
warning: hardinfo-2.0.11-FedoraLinux-39.x86_64.rpm: requires: libX11.so.6()(64bit)
1:hardinfo-2.0.11-1 ################################# [100%]

The –nodeps option skips dependency checks and forces installation. This can break runtime behavior if required libraries are missing; use only when you understand the risks and have mitigations.

rpm -q hardinfo

hardinfo-2.0.11-1.x86_64

The -q option queries the RPM database for the installed package named “hardinfo”. The output prints the installed package name, version, release, and architecture.

rpm -ql hardinfo

/usr/bin/hardinfo2
/usr/lib64/hardinfo2/modules/benchmark.so
/usr/share/doc/hardinfo
/usr/share/man/man1/hardinfo.1.gz

The -ql (query list) option lists all files installed by the specified package. Useful to locate binaries, config files, and documentation provided by a package.

rpm -qa --last

hardinfo-2.0.11-1.x86_64 Mon 04 Mar 2024 01:32:14 PM IST
pipewire-pulseaudio-1.0.3-1.fc39.x86_64 Mon 04 Mar 2024 01:32:02 PM IST
gtk3-3.24.41-1.fc39.x86_64 Mon 04 Mar 2024 01:32:01 PM IST

The -qa option lists all installed packages; combined with –last it sorts by installation time with timestamps, allowing you to view recently installed packages.

rpm -qa

filesystem-3.18-6.fc39.x86_64
bash-5.2.15-1.fc39.x86_64
coreutils-9.2-1.fc39.x86_64
python3-3.11.2-1.fc39.x86_64

A plain -qa prints the full list of installed packages from the RPM database. You can pipe this through grep to filter package names.

rpm -Uvh hardinfo-2.0.12-FedoraLinux-39.x86_64.rpm

Preparing... ################################# [100%]
Updating / installing...
1:hardinfo-2.0.12-1 ################################# [100%]

The -U option upgrades an existing package or installs if not present. As with -ivh, -v and -h control verbosity and progress marks. Upgrades replace files and retain package history.

rpm -evv hardinfo

removing hardinfo-2.0.12-1.x86_64

The -e (erase) removes an installed package. Using multiple v increases verbosity so you see more details of the removal process.

rpm -ev --nodeps hardinfo

removing hardinfo-2.0.12-1.x86_64
warning: %postun(hardinfo-2.0.12-1.x86_64) scriptlet failed, exit status 1

Using –nodeps with erase removes the package without checking reverse dependencies. This can break other packages that require the removed package; check reverse dependencies before forcing removal.

rpm -qf /usr/bin/htpasswd

httpd-tools-2.4.58-1.fc39.x86_64

The -qf (query file) option tells you which installed package owns the given file path. Helpful when debugging missing or conflicting binaries.

rpm -qi hardinfo

Name        : hardinfo
Version     : 2.0.11
Release     : 1
Architecture: x86_64
Install Date: Mon 04 Mar 2024 01:32:14 PM IST
Group       : Applications/Utilities
Size        : 5174404
License     : GPL2+

The -qi (query info) provides metadata about an installed package: version, release, install date, group, size, license, and a short description—useful for audits and inventorying.

rpm -qip sqlbuddy-1.3.3-1.noarch.rpm

Name        : sqlbuddy
Version     : 1.3.3
Release     : 1
Architecture: noarch
Install Date: (not installed)
Size        : 1155804
License     : MIT

The -qip query inspects an RPM file before installation (-p). It prints package metadata without touching the system, ideal for vetting downloaded packages.

rpm -qdf /usr/bin/vmstat

/usr/share/doc/procps-ng/README.md
/usr/share/man/man1/vmstat.1.gz

The -qdf option lists documentation files associated with the package that owns the specified file. Use this to find manuals and README files installed with a package.

rpm -Vp sqlbuddy-1.3.3-1.noarch.rpm

S.5....T. c /etc/httpd/conf.d/sqlbuddy.conf

The -Vp verifies a package file against the RPM database format of verification output. The verification flags indicate differences in size, permissions, checksum, and timestamps. “c” indicates config file handling.

rpm -Va

S.5....T. c /etc/rc.d/rc.local
.......T. c /etc/ld.so.conf.d/kernel-2.6.conf
S.5....T. c /etc/yum.conf

-Va verifies all installed packages. Each line shows verification markers for attributes like size (S), md5sum (5), mode (.), and timestamp (T). Use this to detect modified or corrupted system files.

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-8

gpg: key 6A2FAEA2352C64E5: public key "CentOS-8 (CentOS 8 official signing key) " imported

The –import command adds a GPG key to the RPM database so signed packages can be verified. The output confirms the key fingerprint and identity imported successfully.

rpm -qa gpg-pubkey\*

gpg-pubkey-0608b895-4bd22942
gpg-pubkey-7fac5991-4615767f

Listing packages that match “gpg-pubkey*” shows the imported GPG public keys in the RPM database. Each entry includes a short ID and timestamp used for signature verification.

cd /var/lib && rm __db* && rpm --rebuilddb && rpmdb_verify Packages

Database rebuilt
verifying: Packages (5296/5296) done

When the RPM database is corrupted, remove temporary DB environment files (__db*), then run rpm –rebuilddb to recreate the database. The example shows successful rebuild and verification of the Packages DB. Always backup /var/lib/rpm before changes.

Conclusion

Managing RPM packages effectively requires familiarity with a compact set of rpm commands: checking signatures, inspecting package metadata, resolving dependencies, installing/upgrading/removing packages, verifying file integrity, and recovering a damaged RPM database. While higher-level tools like yum and dnf automate dependency resolution and repository workflows, rpm remains the indispensable low-level tool for package inspection, offline installs, and recovery operations. Use these 20 examples as a reference when administering Red Hat-family systems—combine them with safe practices such as verifying signatures, testing upgrades in staging, and backing up the RPM database before repairs.