What's Installed?
 

Ok, so I've got a pretty standard installation of RH8. I am wanting to start installing things. Let's say a new update for OpenSSL comes out or there is a newer ver than the one I currently have. how do I check to see what ver OpenSSL I have? If I check via rpm -qa, then I get the package name. So that's great. BUT, what about in the future if I install something via source and not RPM (cause that's different right?) then the source install won't show the latest OpenSSL ver in an rpm query, will it? I guess I could just look through the directory structure or do a find or whatever, but is there no simple way to see what all versions of packages I ahve installed? And when you install from source, is that really a package you are installing? I just want to do this right and have the latest versions on my machine. Thanks!

There is kpackage, it lists all the packages installed on your system. You can use up-to-date to update your system. RPM's for the latest releases are usually availiable as soon as a new release is out. Unless you are into writing down everthing you install, I would stick with RPMs unless you have no choice.

Mate. If you install from source, then you wont have any record of what the version is. Fortunately you can usually query a package but starting it with ./filename --vesion to get the version.

Now, I'm quite sure that you can use rpm to install packages from source anyway, you'll have to read the man page for rpm "man rpm" (and yes, a package is a software program)

Dont worry too much about doing things "right" generally speaking, if it works when your done, you've done it "right enough". In linux there is no set way of doing anything really.

I install stuff from source quite a lot on my SuSE box, I generall find that it's easiest to keep track of whats going on with my source code by just keep is all stuffed in one directory that I do all installs from, "/opt/install/".

After you get used to RH and linux in general, and you really want to stay on the bleeding edge of stuff, take a look at the Gentoo distro ;) It takes most of the pain out of installing packages (all the pain really, 'cept when it dont work ;) ) And the almost the entire distro is compiled from source.

OK, thanks for the help. Here's a question though. So let's say I want to install OpenSSL 0.9.7b. I do an RPM qa and find out running OpenSSL 0.6.2 or some other number. Do I need to erase that package before I install the newest ver, or do I install on top of it or what? And if I try to erase via rpm -e there's too many dependancies. So will it break all the dependancies if I do an rpm -e --nodeps and then install the newest version? I guess my question is, what is the proper means of upgrading a package that's intalled? Thanks again...

well if its an RPM then just install the new version over the top.

If it's source then you have to find out where all the files for the current version are kept on the disk, and then configure your source for compiling as required, then install it over the top ;) (instructions that generally come with source code are very good, and easy to follow - once you get the hang of it that is)

So long as all the files of the old version are being overwritten by the new ones then you cant go wrong. You dont even need to reconfigure anything, well, somtimes you get new features and sometimes existing features change a bit, but for the most part your sweet.

If you compile from source, you might want to use "checkinstall". It's a tool that monitors your "make install", and creates an package from it. (which you can de-install).

I used to fillup my entire /opt/ folder, until I discovered checkinstall. (leaving some libraries outside /usr/local/lib often causes problems for example, and kde programs should be installed in /opt/kde/) Nowadays, I create an package with checkinstall, and prefix the package name with "X-", so I can find it in the gigantic list of packges. (and check the site for updates now and then)


If you're worried about vulnarability (since you referred to openssh), try "netstat -anpA inet". It shows all active connections and servers listening. Surely you'll find a few things you might want to turn off.

I've been playing with an auto-update tool (for slackware) last week, but a few things happend I didn't like at all. (changes in /etc/, and and my session-chooser of GDM is messed up) Auto update tools are great, but --upgrade-all is a little dangerous.. :p