?
Solved

Installing Using RPM

Posted on 2003-03-23
15
Medium Priority
?
282 Views
Last Modified: 2013-11-13
I was trying to install a *.rpm file. I was logged in as my own name and it was giving me the following errors:

error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages index using db3 - Operation not permitted (1)
error: cannot open Packages database in /var/lib/rpm

I read about the errors and it said you had to be logged in as root, so I logged in and the rpm installed fine.

Is there any way I can change my preferences so I can install files under my own name, and not have to go under root.


Thanks,
  J M M I S I T I
0
Comment
Question by:jmmisiti
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +4
15 Comments
 
LVL 17

Accepted Solution

by:
dorward earned 120 total points
ID: 8191586
Switching to root is generally the best idea, if you type "su" at the command prompt you can create a shell as root, but without having to log out and then in again.

Still, if you want to anyway (and I really advise that you stick to "su") you could try making "rpm" run as root no matter who runs it.

First find the rpm binary on your system by typing "which rpm". It will probably tell you something along the lines of /usr/bin/rpm

Then pick a group to give access too. All members of this group will be able to run the rpm program as if they were root, so you might want to create a new group and add yourself as the only member. Edit /etc/group and add a new line that looks like this:

groupName::number:member,nextMember

Note that the number must be unique.

e.g. rpmUsers::300:jmmisiti

(You will not become a member of that group until you log out and log back in again)

Then change the ownership of rpm to that group:

chown root.rpmUsers /usr/bin/rpm

Next, change the permissions so only members of "rpmUsers" and root can run rpm, but always as the owner (root).

chmod 4750 /usr/bin/rpm

0
 

Expert Comment

by:Slydder
ID: 8195340
A switch to root is the ONLY idea as the rpm DB is not writable by normal users. (unless you set up an rpm update user or some such).

chuck
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 8196030
your other option is to use sudo

check your /etc/sudoers file you will see something like:

root    ALL=(ALL) ALL

copy that line and put your username like

majorwoo    ALL=(ALL) ALL

now whenever majorwoo wants to do somethign that requires root, he just type sudo whatever - sudo standing for "SuperUserDO" or - do this as root.

[josh@woo josh]$ ls /root/
ls: /root/: Permission denied
[josh@woo josh]$ sudo ls /root/
1009a7md.zip     Desktop      install.log.syslog    NVIDIA_GLX-1.0-4191.i386.rpm
aflash.exe       doc-pak      mail                  NVIDIA_kernel-1.0-4191.src.rpm
anaconda-ks.cfg  install.log  nedit-5.3-1.i386.rpm  README
[josh@woo josh]$

when you do this, you are running the command as root:

[josh@woo josh]$ whoami
josh
[josh@woo josh]$ sudo whoami
root
[josh@woo josh]$
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 

Expert Comment

by:Slydder
ID: 8196088
Such a change is only advisable (well not even advisable) when there is 100% no chance of someone else logging in on the system as said user.

If you are to make use of sudo then do so correctly when the box in question has an outside connection.  Otherwise create an RPM admin account and assign the correct privilegs.

chuck
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 8196118
anybody you trust enough to administer RPM's is root really, because if not they could just make an rpm to install whatever they wanted...
0
 

Expert Comment

by:Slydder
ID: 8196150
Then why use sudo in such a fashion?  It's just one more security weakness that isn't really needed.

simply do su -c 'rpm -i package.rpm' and all is good.
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 8196271
im not gonna start a flame war here (and we are getting way off topic) so this is the last I'm gonna say:

using su -c is great, except you have to pass out the root password - which means if you change it, you have to tell everyone and once you give it to them you have no way of telling what they did with it.

sudo can be configured to allow only certain commands to be run as opposed to all, if you prefer (and yes giving someone all sudo is a risk too) - but everything is a security risk, you have to balance security with practicality.

Personally i find sudo more secure/flexible then creating groups on each machine or setting things SUID - once you setup a proper sudo file you can copy it to all your machine if you so wish - but hey, this is me and my 57 machines, it's just what i think.

if you decide to go the sudo route, and something is not clear let me know (man sudo is great, but sometimes the examples are harder to follow then you want)

0
 

Expert Comment

by:Slydder
ID: 8196450
I totally agree.  However, that is not what you proposed and that is what I was commenting on.

done.

chuck
0
 

Expert Comment

by:fluid11
ID: 8219976
Just give the user access to run the /bin/rpm command in the /etc/sudoers file (like majorwoo said above)...

someuser ALL = /bin/rpm

ChrisP
0
 

Expert Comment

by:CleanupPing
ID: 9087632
jmmisiti:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 2

Expert Comment

by:TheWeakestLink
ID: 9289659
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
PAQ / No Refund ; Can't split 30points, good answers and the original questioner has stopped responding
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

TheWeakestLink
EE Cleanup Volunteer
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 9290030
You can give dorward the points.  His answer was first and correct.
0
 
LVL 2

Expert Comment

by:TheWeakestLink
ID: 9294431
I'm happy either way.  The "rules" say that the PAQ / No refund is appropriate under these circumstances, but it's down to judgement.  

P.
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 9295562
correct, you've become quite the cleanup hound!
0
 

Expert Comment

by:YensidMod
ID: 9354890
Points to dorward.

Yensidmod
EE Moderator
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Monitor input from a computer is usually nothing special.  In this instance it prevented anyone from using the computer.  This was a preconfiguration that didn't work.
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses
Course of the Month14 days, 3 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question