As you would expect, the Python API includes methods for working with RPM package files in addition to installed RPM packages. Most of these methods require a header object, which you can read from an RPM package file.
Like the C function rpmReadPackageFile, the Python API provides a convenient way to read in a header object from an RPM package file. The hdrFromFdno method reads an RPM header from an open file descriptor. The basic syntax is:
h = ts.hdrFromFdno(fdno)
Note
The hdrFromFdno method uses Python’s low-level file descriptors instead of the higher-level Python file objects. In the RPM C library, an FD_t is a FILE**. This could be bound to a Python class, but that is outside the scope of this chapter.
The following example shows a function that opens a file, reads in the RPM header, and then closes the file:
def readRpmHeader(ts, filename):
""" Read an rpm header. """
fd = os.open(filename, os.O_RDONLY)
h = ts.hdrFromFdno(fd)
os.close(fd)
return h
ts = rpm.TransactionSet()
h = readRpmHeader( ts, 'n-r-v.rpm' )
The hdrFromFdno method raises a number of exceptions based on issues detected with the package files. The following example shows these exceptions:
def readRpmHeader(ts, filename):
""" Read an rpm header. """
fd = os.open(filename, os.O_RDONLY)
h = None
tryL
h = ts.hdrFromFdno(fd)
except rpm.error, e:
if str(e) == "public key not available":
print str(e)
if str(e) == "public key not trusted":
print str(e)
if str(e) == "error reading package header":
print str(e)
h = None
os.close(fd)
return h
ts = rpm.TransactionSet()
h = readRpmHeader( ts, 'n-r-v.rpm' )
You can decide in your code whether the exceptions should stop processing or not.
Starting with rpm 4.1, package files are verified automatically, which can cause problems, especially if you are working with older packages, or packages without proper digital signatures.
In most cases, the automatic verification is an advantage, since you can have greater confidence in the package files. However, you can call setVSFlags on a transaction set to change the default behavior.
ts.setVSFlags(flags)
For example, if you have problems with old packages that do not have proper signatures, you can use code like the following to ignore such checks:
# Set to not verify DSA signatures.
ts.setVSFlags(rpm.RPMVSF_NODSA)
Table 17-3 lists the flags you can pass to setVSFlags on a transaction set. These flags are bitmasks. You can or them together for more than one setting. You must do a binary or. Do not use the Python or keyword. Use | instead, for a binary or operation.
Table 17-3 Flags for setVSFlags
Flag | Meaning |
rpm.RPMVSF_NEEDPAYLOAD | Leave the file handle positions at the beginning of the payload. |
rpm.RPMVSF_NOHDRCHK | Don’t check the RPM database header. |
rpm.RPMVSF_ NODSA | Don’t check the header and payload DSA signatures. |
rpm.RPMVSF_ NODSAHEADER | Don’t check the header DSA signature. |
rpm.RPMVSF_ NOMD5 | Don’t check the header and payload MD5 digests. |
rpm.RPMVSF_ NORSA | Don’t check the header and payload RSA signatures. |
rpm.RPMVSF_ NOSHA1HEADER | Don’t check the header SHA1 digest. |
rpm._RPMVSF_NODIGESTS | Convenience to not check digests. |
rpm._RPMVSF_NOSIGNATURES | Convenience to not check signatures. |
To turn off all checks, you can pass –1 to setVSFlags:
ts.setVSFlasgs(-1)