RPM(8) Red Hat Linux RPM(8)

NAME rpm - RPM Package Manager

SYNOPSIS QUERYING AND VERIFYING PACKAGES: rpm {-q|--query} [select-options] [query-options]

rpm {-V|--verify} [select-options] [verify-options]

rpm --import PUBKEY ...

rpm {-K|--checksig} [--nosignature] [--nodigest] PACKAGE_FILE ...

INSTALLING, UPGRADING, AND REMOVING PACKAGES: rpm {-i|--install} [install-options] PACKAGE_FILE ...

rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--repackage] [--test] PACKAGE_NAME ...

MISCELLANEOUS: rpm {--initdb|--rebuilddb}

rpm {--addsign|--resign} PACKAGE_FILE ...

rpm {--querytags|--showrc}

rpm {--setperms|--setugids} PACKAGE_NAME ...

select-options [PACKAGE_NAME] [-a,--all] [-f,--file FILE] [-g,--group GROUP] {-p,--package PACKAGE_FILE] [--fileid MD5] [--hdrid SHA1] [--pkgid MD5] [--tid TID] [--querybynumber HDRNUM] [--triggeredby PACKAGE_NAME] [--whatprovides CAPABILITY] [--whatrequires CAPABILITY]

query-options [--changelog] [-c,--configfiles] [-d,--docfiles] [--dump] [--filesbypkg] [-i,--info] [--last] [-l,--list] [--provides] [--qf,--queryformat QUERYFMT] [-R,--requires] [--scripts] [-s,--state] [--triggers,--triggerscripts]

verify-options [--nodeps] [--nofiles] [--noscripts] [--nodigest] [--nosignature] [--nolinkto] [--nomd5] [--nosize] [--nouser] [--nogroup] [--nomtime] [--nomode] [--nordev]

install-options [--aid] [--allfiles] [--badreloc] [--excludepath OLDPATH] [--excludedocs] [--force] [-h,--hash] [--ignoresize] [--ignorearch] [--ignoreos] [--includedocs] [--justdb] [--nodeps] [--nodigest] [--nosignature] [--nosuggest] [--noorder] [--noscripts] [--notriggers] [--oldpackage] [--percent] [--prefix NEWPATH] [--relocate OLDPATH=NEWPATH] [--repackage] [--replacefiles] [--replacepkgs] [--test]

DESCRIPTION rpm is a powerful Package Manager, which can be used to build, install, query, verify, update, and erase individual software packages. A pack- age consists of an archive of files and meta-data used to install and erase the archive files. The meta-data includes helper scripts, file attributes, and descriptive information about the package. Packages come in two varieties: binary packages, used to encapsulate software to be installed, and source packages, containing the source code and recipe necessary to produce binary packages.

One of the following basic modes must be selected: Query, Verify, Sig- nature Check, Install/Upgrade/Freshen, Uninstall, Initialize Database, Rebuild Database, Resign, Add Signature, Set Owners/Groups, Show Query- tags, and Show Configuration.

GENERAL OPTIONS These options can be used in all the different modes.

-?, --help Print a longer usage message then normal.

--version Print a single line containing the version number of rpm being used.

--quiet Print as little as possible - normally only error messages will be displayed.

-v Print verbose information - normally routine progress messages will be displayed.

-vv Print lots of ugly debugging information.

--rcfile FILELIST Each of the files in the colon separated FILELIST is read sequentially by rpm for configuration information. Only the first file in the list must exist, and tildes will be expanded to the value of $HOME. The default FILELIST is /usr/lib/rpm/rpmrc:/usr/lib/rpm/red- hat/rpmrc:/etc/rpmrc:~/.rpmrc.

--pipe CMD Pipes the output of rpm to the command CMD.

--dbpath DIRECTORY Use the database in DIRECTORY rather than the default path /var/lib/rpm

--root DIRECTORY Use the file system tree rooted at DIRECTORY for all operations. Note that this means the database within DIRECTORY will be used for dependency checks and any scriptlet(s) (e.g. %post if installing, or %prep if building, a package) will be run after a chroot(2) to DIRECTORY.

-D, --defineMACRO EXPR Defines MACRO with value EXPR.

-E, --evalEXPR Prints macro expansion of EXPR.

INSTALL AND UPGRADE OPTIONS The general form of an rpm install command is

rpm {-i|--install} [install-options] PACKAGE_FILE ...

This installs a new package.

The general form of an rpm upgrade command is

rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...

This upgrades or installs the package currently installed to a newer version. This is the same as install, except all other version(s) of the package are removed after the new package is installed.

rpm {-F|--freshen} [install-options] PACKAGE_FILE ...

This will upgrade packages, but only if an earlier version currently exists. The PACKAGE_FILE may be specified as an ftp or http URL, in which case the package will be downloaded before being installed. See FTP/HTTP OPTIONS for information on rpms internal ftp and http client support.

--aid Add suggested packages to the transaction set when needed.

--allfiles Installs or upgrades all the missingok files in the package, regardless if they exist.

--badreloc Used with --relocate, permit relocations on all file paths, not just those OLDPATHs included in the binary package relocation hint(s).

--excludepath OLDPATH Dont install files whose name begins with OLDPATH.

--excludedocs Don t install any files which are marked as documentation (which includes man pages and texinfo documents).

--force Same as using --replacepkgs, --replacefiles, and --oldpackage.

-h, --hash Print 50 hash marks as the package archive is unpacked. Use with -v|--verbose for a nicer display.

--ignoresize Dont check mount file systems for sufficient disk space before installing this package.

--ignorearch Allow installation or upgrading even if the architectures of the binary package and host dont match.

--ignoreos Allow installation or upgrading even if the operating systems of the binary package and host dont match.

--includedocs Install documentation files. This is the default behavior.

--justdb Update only the database, not the filesystem.

--nodigest Dont verify package or header digests when reading.

--nosignature Don t verify package or header signatures when reading.

--nodeps Dont do a dependency check before installing or upgrading a package.

--nosuggest Don t suggest package(s) that provide a missing dependency.

--noorder Dont reorder the packages for an install. The list of packages would normally be reordered to satisfy dependencies.

--noscripts

--nopre

--nopost

--nopreun

--nopostun Dont execute the scriptlet of the same name. The --noscripts option is equivalent to

--nopre --nopost --nopreun --nopostun

and turns off the execution of the corresponding %pre, %post, %preun, and %postun scriptlet(s).

--notriggers

--notriggerin

--notriggerun

--notriggerpostun Dont execute any trigger scriptlet of the named type. The --notriggers option is equivalent to

--notriggerin --notriggerun --notriggerpostun

and turns off execution of the corresponding %triggerin, %trig- gerun, and %triggerpostun scriptlet(s).

--oldpackage Allow an upgrade to replace a newer package with an older one.

--percent Print percentages as files are unpacked from the package archive. This is intended to make rpm easy to run from other tools.

--prefix NEWPATH For relocatable binary packages, translate all file paths that start with the installation prefix in the package relocation hint(s) to NEWPATH.

--relocate OLDPATH=NEWPATH For relocatable binary packages, translate all file paths that start with OLDPATH in the package relocation hint(s) to NEWPATH. This option can be used repeatedly if several OLDPATHs in the package are to be relocated.

--repackage Re-package the files before erasing. The previously installed package will be named according to the macro %_repack- age_name_fmt and will be created in the directory named by the macro %_repackage_dir (default value is /var/spool/repackage).

--replacefiles Install the packages even if they replace files from other, already installed, packages.

--replacepkgs Install the packages even if some of them are already installed on this system.

--test Do not install the package, simply check for and report poten- tial conflicts.

ERASE OPTIONS The general form of an rpm erase command is

rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts] [--notriggers] [--repackage] [--test] PACKAGE_NAME ...

The following options may also be used:

--allmatches Remove all versions of the package which match PACKAGE_NAME. Normally an error is issued if PACKAGE_NAME matches multiple packages.

--nodeps Dont check dependencies before uninstalling the packages.

--noscripts

--nopreun

--nopostun Don t execute the scriptlet of the same name. The --noscripts option during package erase is equivalent to

--nopreun --nopostun

and turns off the execution of the corresponding %preun, and %postun scriptlet(s).

--notriggers

--notriggerun

--notriggerpostun Don t execute any trigger scriptlet of the named type. The --notriggers option is equivalent to

--notriggerun --notriggerpostun

and turns off execution of the corresponding %triggerun, and %triggerpostun scriptlet(s).

--repackage Re-package the files before erasing. The previously installed package will be named according to the macro %_repack- age_name_fmt and will be created in the directory named by the macro %_repackage_dir (default value is /var/spool/repackage).

--test Dont really uninstall anything, just go through the motions. Useful in conjunction with the -vv option for debugging.

QUERY OPTIONS The general form of an rpm query command is

rpm {-q|--query} [select-options] [query-options]

You may specify the format that package information should be printed in. To do this, you use the

--qf|--queryformat QUERYFMT

option, followed by the QUERYFMT format string. Query formats are mod- ified versions of the standard printf(3) formatting. The format is made up of static strings (which may include standard C character escapes for newlines, tabs, and other special characters) and printf(3) type formatters. As rpm already knows the type to print, the type specifier must be omitted however, and replaced by the name of the header tag to be printed, enclosed by {} characters. Tag names are case insensitive, and the leading RPMTAG_ portion of the tag name may be omitted as well.

Alternate output formats may be requested by following the tag with :typetag. Currently, the following types are supported:

:armor Wrap a public key in ASCII armor.

:base64 Encode binary data using base64.

:date Use strftime(3) "%c" format.

:day Use strftime(3) "%a %b %d %Y" format.

:depflags Format dependency flags.

:fflags Format file flags.

:hex Format in hexadecimal.

:octal Format in octal.

:perms Format file permissions.

:shescape Escape single quotes for use in a script.

:triggertype Display trigger suffix.

For example, to print only the names of the packages queried, you could use %{NAME} as the format string. To print the packages name and dis- tribution information in two columns, you could use %-30{NAME}%{DISTRI- BUTION}. rpm will print a list of all of the tags it knows about when it is invoked with the --querytags argument.

There are two subsets of options for querying: package selection, and information selection.

PACKAGE SELECTION OPTIONS: PACKAGE_NAME Query installed package named PACKAGE_NAME.

-a, --all Query all installed packages.

-f, --file FILE Query package owning FILE.

--fileid MD5 Query package that contains a given file identifier, i.e. the MD5 digest of the file contents.

-g, --group GROUP Query packages with the group of GROUP.

--hdrid SHA1 Query package that contains a given header identifier, i.e. the SHA1 digest of the immutable header region.

-p, --package PACKAGE_FILE Query an (uninstalled) package PACKAGE_FILE. The PACKAGE_FILE may be specified as an ftp or http style URL, in which case the package header will be downloaded and queried. See FTP/HTTP OPTIONS for information on rpms internal ftp and http client support. The PACKAGE_FILE argument(s), if not a binary package, will be interpreted as an ASCII package manifest. Comments are permitted, starting with a #, and each line of a package mani- fest file may include white space separated glob expressions, including URLs with remote glob expressions, that will be expanded to paths that are substituted in place of the package manifest as additional PACKAGE_FILE arguments to the query.

--pkgid MD5 Query package that contains a given package identifier, i.e. the MD5 digest of the combined header and payload contents.

--querybynumber HDRNUM Query the HDRNUMth database entry directly; this is useful only for debugging.

--specfile SPECFILE Parse and query SPECFILE as if it were a package. Although not all the information (e.g. file lists) is available, this type of query permits rpm to be used to extract information from spec files without having to write a specfile parser.

--tid TID Query package(s) that have a given TID transaction identifier. A unix time stamp is currently used as a transaction identifier. All package(s) installed or erased within a single transaction have a common identifier.

--triggeredby PACKAGE_NAME Query packages that are triggered by package(s) PACKAGE_NAME.

--whatprovides CAPABILITY Query all packages that provide the CAPABILITY capability.

--whatrequires CAPABILITY Query all packages that requires CAPABILITY for proper function- ing.

PACKAGE QUERY OPTIONS: --changelog Display change information for the package.

-c, --configfiles List only configuration files (implies -l).

-d, --docfiles List only documentation files (implies -l).

--dump Dump file information as follows (implies -l):

path size mtime md5sum mode owner group isconfig isdoc rdev symlink

--filesbypkg List all the files in each selected package.

-i, --info Display package information, including name, version, and description. This uses the --queryformat if one was specified.

--last Orders the package listing by install time such that the latest packages are at the top.

-l, --list List files in package.

--provides List capabilities this package provides.

-R, --requires List packages on which this package depends.

--scripts List the package specific scriptlet(s) that are used as part of the installation and uninstallation processes.

-s, --state Display the states of files in the package (implies -l). The state of each file is one of normal, not installed, or replaced.

--triggers, --triggerscripts Display the trigger scripts, if any, which are contained in the package.

VERIFY OPTIONS The general form of an rpm verify command is

rpm {-V|--verify} [select-options] [verify-options]

Verifying a package compares information about the installed files in the package with information about the files taken from the package metadata stored in the rpm database. Among other things, verifying compares the size, MD5 sum, permissions, type, owner and group of each file. Any discrepancies are displayed. Files that were not installed from the package, for example, documentation files excluded on instal- lation using the "--excludedocs" option, will be silently ignored.

The package selection options are the same as for package querying (including package manifest files as arguments). Other options unique to verify mode are:

--nodeps Dont verify dependencies of packages.

--nodigest Dont verify package or header digests when reading.

--nofiles Dont verify any attributes of package files.

--noscripts Don t execute the %verifyscript scriptlet (if any).

--nosignature Dont verify package or header signatures when reading.

--nolinkto

--nomd5

--nosize

--nouser

--nogroup

--nomtime

--nomode

--nordev Dont verify the corresponding file attribute.

The format of the output is a string of 8 characters, a possible attribute marker:

c %config configuration file. d %doc documentation file. g %ghost file (i.e. the file contents are not included in the package payload). l %license license file. r %readme readme file.

from the package header, followed by the file name. Each of the 8 characters denotes the result of a comparison of attribute(s) of the file to the value of those attribute(s) recorded in the database. A single "." (period) means the test passed, while a single "?" (question mark) indicates the test could not be performed (e.g. file permissions prevent reading). Otherwise, the (mnemonically emBoldened) character denotes failure of the corresponding --verify test:

S file Size differs M Mode differs (includes permissions and file type) 5 MD5 sum differs D Device major/minor number mismatch L readLink(2) path mismatch U User ownership differs G Group ownership differs T mTime differs

DIGITAL SIGNATURE AND DIGEST VERIFICATION The general forms of rpm digital signature commands are

rpm --import PUBKEY ...

rpm {--checksig} [--nosignature] [--nodigest] PACKAGE_FILE ...

The --checksig option checks all the digests and signatures contained in PACKAGE_FILE to ensure the integrity and origin of the package. Note that signatures are now verified whenever a package is read, and --checksig is useful to verify all of the digests and signatures asso- ciated with a package.

Digital signatures cannot be verified without a public key. An ASCII armored public key can be added to the rpm database using --import. An imported public key is carried in a header, and key ring management is performed exactly like package management. For example, all currently imported public keys can be displayed by:

rpm -qa gpg-pubkey*

Details about a specific public key, when imported, can be displayed by querying. Heres information about the Red Hat GPG/DSA key:

rpm -qi gpg-pubkey-db42a60e

Finally, public keys can be erased after importing just like packages. Heres how to remove the Red Hat GPG/DSA key

rpm -e gpg-pubkey-db42a60e

SIGNING A PACKAGE rpm --addsign|--resign PACKAGE_FILE ...

Both of the --addsign and --resign options generate and insert new sig- natures for each package PACKAGE_FILE given, replacing any existing signatures. There are two options for historical reasons, there is no difference in behavior currently.

USING GPG TO SIGN PACKAGES In order to sign packages using GPG, rpm must be configured to run GPG and be able to find a key ring with the appropriate keys. By default, rpm uses the same conventions as GPG to find key rings, namely the $GNUPGHOME environment variable. If your key rings are not located where GPG expects them to be, you will need to configure the macro %_gpg_path to be the location of the GPG key rings to use.

For compatibility with older versions of GPG, PGP, and rpm, only V3 OpenPGP signature packets should be configured. Either DSA or RSA ver- ification algorithms can be used, but DSA is preferred.

If you want to be able to sign packages you create yourself, you also need to create your own public and secret key pair (see the GPG man- ual). You will also need to configure the rpm macros

%_signature The signature type. Right now only gpg and pgp are supported.

%_gpg_name The name of the "user" whose key you wish to use to sign your packages.

For example, to be able to use GPG to sign packages as the user "John Doe <jdoe@foo.com>" from the key rings located in /etc/rpm/.gpg using the executable /usr/bin/gpg you would include

%_signature gpg %_gpg_path /etc/rpm/.gpg %_gpg_name John Doe <jdoe@foo.com> %_gpgbin /usr/bin/gpg

in a macro configuration file. Use /etc/rpm/macros for per-system con- figuration and ~/.rpmmacros for per-user configuration.

REBUILD DATABASE OPTIONS The general form of an rpm rebuild database command is

rpm {--initdb|--rebuilddb} [-v] [--dbpath DIRECTORY] [--root DIRECTORY]

Use --initdb to create a new database if one doesnt already exist (existing database is not overwritten), use --rebuilddb to rebuild the database indices from the installed package headers.

SHOWRC The command

rpm --showrc

shows the values rpm will use for all of the options are currently set in rpmrc and macros configuration file(s).

FTP/HTTP OPTIONS rpm can act as an FTP and/or HTTP client so that packages can be queried or installed from the internet. Package files for install, upgrade, and query operations may be specified as an ftp or http style URL:

ftp://USER:PASSWORD@HOST:PORT/path/to/package.rpm

If the :PASSWORD portion is omitted, the password will be prompted for (once per user/hostname pair). If both the user and password are omit- ted, anonymous ftp is used. In all cases, passive (PASV) ftp transfers are performed.

rpm allows the following options to be used with ftp URLs:

--ftpproxy HOST The host HOST will be used as a proxy server for all ftp trans- fers, which allows users to ftp through firewall machines which use proxy systems. This option may also be specified by config- uring the macro %_ftpproxy.

--ftpport PORT The TCP PORT number to use for the ftp connection on the proxy ftp server instead of the default port. This option may also be specified by configuring the macro %_ftpport.

rpm allows the following options to be used with http URLs:

--httpproxy HOST The host HOST will be used as a proxy server for all http trans- fers. This option may also be specified by configuring the macro %_httpproxy.

--httpport PORT The TCP PORT number to use for the http connection on the proxy http server instead of the default port. This option may also be specified by configuring the macro %_httpport.

LEGACY ISSUES Executing rpmbuild The build modes of rpm are now resident in the /usr/bin/rpmbuild exe- cutable. Although legacy compatibility provided by the popt aliases below has been adequate, the compatibility is not perfect; hence build mode compatibility through popt aliases is being removed from rpm. Install the package containing rpmbuild (usually rpm-build) and see rpmbuild(8) for documentation of all the rpm build modes previously documented here in rpm(8).

Add the following lines to /etc/popt if you wish to continue invoking rpmbuild from the rpm command line:

rpm exec --bp rpmb -bp rpm exec --bc rpmb -bc rpm exec --bi rpmb -bi rpm exec --bl rpmb -bl rpm exec --ba rpmb -ba rpm exec --bb rpmb -bb rpm exec --bs rpmb -bs rpm exec --tp rpmb -tp rpm exec --tc rpmb -tc rpm exec --ti rpmb -ti rpm exec --tl rpmb -tl rpm exec --ta rpmb -ta rpm exec --tb rpmb -tb rpm exec --ts rpmb -ts rpm exec --rebuild rpmb --rebuild rpm exec --recompile rpmb --recompile rpm exec --clean rpmb --clean rpm exec --rmsource rpmb --rmsource rpm exec --rmspec rpmb --rmspec rpm exec --target rpmb --target rpm exec --short-circuit rpmb --short-circuit

FILES rpmrc Configuration /usr/lib/rpm/rpmrc /usr/lib/rpm/redhat/rpmrc /etc/rpmrc ~/.rpmrc

Macro Configuration /usr/lib/rpm/macros /usr/lib/rpm/redhat/macros /etc/rpm/macros ~/.rpmmacros

Database /var/lib/rpm/Basenames /var/lib/rpm/Conflictname /var/lib/rpm/Dirnames /var/lib/rpm/Filemd5s /var/lib/rpm/Group /var/lib/rpm/Installtid /var/lib/rpm/Name /var/lib/rpm/Packages /var/lib/rpm/Providename /var/lib/rpm/Provideversion /var/lib/rpm/Pubkeys /var/lib/rpm/Removed /var/lib/rpm/Requirename /var/lib/rpm/Requireversion /var/lib/rpm/Sha1header /var/lib/rpm/Sigmd5 /var/lib/rpm/Triggername

Temporary /var/tmp/rpm*

SEE ALSO popt(3), rpm2cpio(8), rpmbuild(8),

rpm --help - as rpm supports customizing the options via popt aliases its impossible to guarantee that whats described in the manual matches whats available.

http://www.rpm.org/ <URL:http://www.rpm.org/>

AUTHORS Marc Ewing <marc@redhat.com> Jeff Johnson <jbj@redhat.com> Erik Troan <ewt@redhat.com>

Red Hat, Inc. 09 June 2002 RPM(8) gnome-mount(1) gnome-mount(1)

NAME gnome-mount - Mount drives and volumes using HAL and read settings from the GNOME desktop configuration system gconf.

SYNOPSIS gnome-mount [-?|--help] [-v] [-n] [-t] [-b] [-d /dev/file | -h /org/fd/Hal/udi | -p nickname] [--unmount | --eject | --write-settings | --erase-settings | --show-settings] [--mount-point where-to-mount] [--mount-options opt1,opt2=foo,opt3] [--extra-mount-options opt4,opt5=bar] [--fstype fstype-to-use]

DESCRIPTION This program is used to mount and unmount file systems for GNOME desk- top users. It can also be used to eject discs from CD drives and other devices that needs to be ejected. For example, iPods needs this to make the "Do not disconnect" message go away.

Normally, this program is invoked by software in the GNOME stack (specifically gnome-vfs-daemon and gnome-volume-manager ). End users should never have to deal with gnome-mount directly on the command line, nor should they have to read this manual page.

Mounting a file system into the root file system involves a certain degree of configuration and as such is subject to whatever preferences an user might have. gnome-mount allows the user to control the mount point location, the mount options and what file system to use for mounting a file system. The settings are read from the gconf database (which is per-user) and can also be overridden on the command line using the appropriate parameters. See below.

SPECIFYING THE TARGET The target (e.g. the partition or file system to mount, unmount or eject) can be specified using the HAL UDI (Unique Device Identifier), e.g. /org/freedesktop/Hal/devices/volume_uuid_E18B_10EC , the name of the special device file, e.g. /dev/sda1 or a pseudonym. The latter is a textual string used to locate the target and it makes gnome-mount search for the target by comparing the given textual string to the mount points and file system labels.

DETERMINING SETTINGS Settings (e.g. mount point, mount options, file system type) are read in the order below. Note that each option is treated individually; for example it is valid for a drive to only specify the mount point setting and not the mount options. Also note that the even if the drive speci- fies mount options, these can be overridden on a per-volume basis.

FILE SYSTEM DEFAULTS First, default mount options are read from /system/stor- age/defaults/FS_TYPE/ for the probed file system type of the volume. The option uid=, is treated specially by gnome-mount and will be replaced by uid=UID_OF_USER to cope with the fact that the uid is a function of the user calling it.

PER DRIVE Second, the gconf tree at /system/storage/drives/UDI_OF_DRIVE/ is consulted for options that depend on what drive the volume belongs to. For example, this is useful for configuring that volumes inserted into a given drive is always mounted at the same location. For example, this can be used to emulate /etc/fstab behaviour by where CD media is always mounted at e.g. /media/cdrom

PER VOLUME Third, the gconf tree at /system/storage/drives/UDI_OF_VOLUME/ is consulted for options that are specific to a particular piece of media and as such depends on either the file system label (e.g. EOS_DIGITAL ) or the file system UUID (e.g. E18B_10EC ) or both.

COMMANDLINE OPTIONS Users can pass --mount-point , --mount-options or --fstype on the commandline to override settings.

EXTRA COMMANDLINE OPTIONS Finally, if mount options are passed via --extra-mount-options these are not replacing the mount options, they are simply added. This is useful for doing e.g.

gnome-mount --extra-mount-options remount,exec -d /dev/sda1

to remount a volumes such that programs can be run from the media. This is useful for e.g. gnome-volume-manager if it dis- covers an autorun file on the media.

PASSWORDED MEDIA gnome-mount supports passworded media through the org.freedesk- top.Hal.Device.Volume.Crypto interface supported by HAL and this includes volumes formatted in a way that adheres to the LUKS (Linux Unified Key Setup) specification. In addition, gnome-mount uses gnome- keyring to retrieve and store the pass phrase. If no key can be retrieved, gnome-mount will prompt the user for one. In addition, if the keyring is locked, the user may be prompted to unlock it via stan- dard gnome-keyring mechanisms.

PRIVILEGES gnome-mount is intended for unprivileged users and HAL ultimately con- trols if the calling user is allowed to mount, unmount or eject volumes as well as what mount options are valid. As such, requests may be denied. See the (human readable) exception returned from HAL for details if a request fails.

Note that HAL has a notion of what mount options are valid for a given volume. They are listed in the HAL property volume.mount.valid_options on the device object representing the volume to mount. Consult lshal(1) for details. Also note that HAL by default appends the options nosuid and nodev to prevent privilege escalation.

In addition to using HAL as the mechanism for mounting file systems, the /etc/fstab file is also consulted as HAL will refuse to mount any file system listed in this file as it would violate system policy. If this is the case, gnome-mount will invoke mount(1) as the calling user rather than invoking the Mount method on the org.freedesk- top.Hal.Device.Volume interface on the device object representing the volume / drive. This means that settings (mount point, mount options, file system type) read by gnome-mount are not passed along as these are already specified in the /etc/fstab file and there are no mechanism to override them. When parsing the /etc/fstab file, gnome-mount (and also HAL for that matter) resolves symbolic links and also respects the LABEL= and UUID= notations. For example, if this line is in /etc/fstab

LABEL=MyVolume /mnt/myvolume auto user,defaults 0 0

then gnome-mount mounts the file system with the label MyVolume via mount(1) and /etc/fstab rather than using the HAL mechanisms.

OPTIONS Options available for the gnome-mount command:

-v, --verbose Verbose operation, shows debug messages.

-n, --no-ui Don t show any dialogs the user needs to dismiss. If X11 is available, gnome-mount may pop up transient notification bubbles e.g. suggesting the user to remount a volume with different options to streamline access to file systems with ownership attributes. This is the option that storage policy daemons such as gnome-volume-manager should invoke gnome-mount in. File man- agers, however, such as Nautilus , should never use this option as the user should get e.g. an error dialog if he tries to access a volume with a missing, unsupported or unknown file sys- tem.

-b, --block Allow gnome-mount to block even if an error occured. By default, gnome-mount will daemonize so it can return control to the invoking application as soon as possible (e.g. when an operation either fails or succeeds ) while still showing an error dialog to the end user. Useful when debugging.

-u, --unmount Use this for unmounting rather than mounting. If gnome-mount is invoked as gnome-umount (a symlink to gnome-mount ) then this option is automatically selected.

-e, --eject Use this for ejecting rather than mounting. If gnome-mount is invoked as gnome-eject (a symlink to gnome-mount ) then this option is automatically selected.

-d, --device Specify target volume by the special device file.

-h, --hal-udi Specify target volume by HAL UDI (Unique Device Identifier).

-p, --pseudonym Specify target volume by pseudonym. See above for how this works.

-t, --text Never use X11 dialogs or notification bubbles even if an X11 server is available. Also prohibits the use of gnome-keyring to retrieve pass phrases for passworded media because this might require unlocking the keyring which happens through an X11 dia- log out of process. Useful for command line operation.

-m, --mount-point Specify mount point to use; dont include /media as this is automatically appened by the mechanism used to mount, e.g. the HAL methods.

-o, --mount-options Specify mount options. Separate by comma.

-f, --fstype Specify file system type. This is useful for using e.g. the msdos file system instead of the vfat file system.

--write-settings Instead of mounting a drive, specify what options to store in the gconf database. Can be used on both drives and volumes. Be careful using this with the --device option as optical drives (among others) use the same special device file for both the drive and the volume. One trick is to ensure the optical drive has no media when configuring it via this option. Another pos- sibility is to use the HAL UDI instead.

--display-settings Display settings for a drive or volume.

--erase-settings Erase settings for a drive or volume.

RETURN CODES gnome-mount will return zero if the request succeeded or non-zero if it failed. Note that gnome-mount is specifically designed to run in a graphical user environment and as such all error reporting (and resolu- tion) is through X11 dialogs. For example, if HAL reports that a volume could not be mounted because of a missing file system driver, gnome- mount might, one day, launch a tool to ask the user if he wants to download and install the driver. In a similar way, all error dialogs are presented via X11 dialogs to the user as well.

EXAMPLE We want to make sure that the discs inserted into an optical drive are always mounted at /media/cdrecorder instead of using the default which is using the label specified in the iso9660 or udf file system header. Assuming that the drive is empty and the special device file for the drive is /dev/hdc the following command will work

gnome-mount --write-settings --device /dev/hdc --mount-point cdrecorder

This can be inspected via the --display-settings option and the set- tings can also be erased via the --erase-settings option. Also note that gconf-editor(1) can be used for tasks like these.

HARDWARE THAT CANNOT BE POLLED HAL polls most storage devices for media insertion / removal and main- tains the list of devices exported. However, some hardware cannot be polled for media changes without making noise or for other reasons. PC floppy drives, Zip drives connected through an IDE interface and broken optical drives falls into this category.

For such hardware HAL only exports the drive and rather than exporting volume as childs of the drive, the org.freedesktop.Hal.Device.Volume interface is exported on the drive itself. gnome-mount supports this but it means that it is impossible to know ahead of time what file sys- tem is on the media in the problematic drive, so in this case gnome- mount passes auto as the file system type and passes the mount options uid=UID_OF_USER as most media in such devices are formatted with either the vfat , udf or iso9660 file systems.

This also means that per-volume settings are not possible; one can only specify settings per-drive.

AUTHOR gnome-mount was written by David Zeuthen <david@fubar.dk>.

SEE ALSO fstab(5), mount(8), umount(8), eject(1), cryptsetup(8), gconftool-2(1), gconf-editor(1), lshal(1)

http://www.gnome.org/projects/gconf/

http://en.wikipedia.org/wiki/GNOME_Keyring

http://freedesktop.org/Software/hal

http://luks.endorphin.org

gnome-mount(1)