rpm — The Low-Level RPM Package Tool

rpm is the low-level tool that sits underneath package managers like dnf and zypper: it installs, removes, and queries individual local .rpm packages on Red Hat-based systems such as Fedora, RHEL, or openSUSE. Unlike dnf, however, rpm does not resolve dependencies – if a required library is missing, the installation simply fails. For everyday work you are better off with dnf; rpm is the right choice when you want to query a single package precisely, inspect an RPM file before installing it, or examine an installed package in detail. This guide walks you through the commands you reach for most: installing, querying, and verifying.

Install & Remove

rpm -ivh <file>.rpm — Install an RPM package (verbose + progress bar).

sudo rpm -ivh package.rpm

rpm -Uvh <file>.rpm — Upgrade a package (install if not present).

sudo rpm -Uvh package-2.0.rpm

rpm -Fvh <file>.rpm — Freshen: upgrade only if an older version is installed.

sudo rpm -Fvh package-2.0.rpm

rpm -e <package> — Remove (erase) an installed package.

sudo rpm -e nginx

rpm -e --nodeps <package> — Remove a package ignoring dependencies.

sudo rpm -e --nodeps libfoo

Query Installed Packages

rpm -qa — List all installed packages.

rpm -qa

rpm -qa | grep <pattern> — Search for installed packages.

rpm -qa | grep php

rpm -qi <package> — Show detailed info about an installed package.

rpm -qi nginx

rpm -ql <package> — List all files installed by a package.

rpm -ql nginx

rpm -qc <package> — List only config files of a package.

rpm -qc nginx

rpm -qd <package> — List only documentation files of a package.

rpm -qd nginx

rpm -qR <package> — List dependencies of a package.

rpm -qR nginx

rpm -qf <file> — Find which package owns a file.

rpm -qf /usr/sbin/nginx

Query RPM Files

rpm -qip <file>.rpm — Show info about an uninstalled RPM file.

rpm -qip package.rpm

rpm -qlp <file>.rpm — List files inside an RPM file.

rpm -qlp package.rpm

rpm -qRp <file>.rpm — Show dependencies of an RPM file.

rpm -qRp package.rpm

Verify

rpm -V <package> — Verify installed files against the package database.

rpm -V nginx

rpm -Va — Verify all installed packages.

rpm -Va

rpm -K <file>.rpm — Check the signature and integrity of an RPM file.

rpm -K package.rpm

rpm --import <key> — Import a GPG public key for package verification.

sudo rpm --import https://example.com/RPM-GPG-KEY

Common Patterns

rpm -qa --last | head -20 — Show the 20 most recently installed/updated packages.

rpm -qa --last | head -20

rpm -qa --queryformat '%{NAME} %{VERSION}-%{RELEASE}\n' — Custom formatted package list.

rpm -qa --queryformat '%{NAME} %{VERSION}-%{RELEASE}\n' | sort

rpm2cpio <file>.rpm | cpio -idmv — Extract files from an RPM without installing.

rpm2cpio package.rpm | cpio -idmv

Conclusion

rpm gives you full, direct control over individual packages – along with the responsibility that comes with it. Because rpm does not resolve dependencies, you should normally use dnf (or zypper on openSUSE) for installing and updating, and reserve rpm for targeted queries, verification, and extracting individual files. Be especially careful with -e/--erase (it removes packages) and with --nodeps and --force: they bypass the safety nets and can leave your system in an inconsistent state. Always check downloaded packages before installing with rpm -K (GPG signature), and import the source's keys beforehand via rpm --import.