To guarantee the operational security of a system, update packages must be installed in the system from time to time. Previously, a bug in a package could only be eliminated by replacing the entire package. Large packages with bugs in small files could easily result in large amounts of data. However the SUSE RPM offers a feature enabling the installation of patches in packages.
The most important considerations are demonstrated using pine as an example:
To check this, first query the installed version of the package. For pine, this can be done with
rpm -q pine pine-4.44-188
Then check if the patch RPM is suitable for this version of pine:
rpm -qp --basedon pine-4.44-224.i586.patch.rpm pine = 4.44-188 pine = 4.44-195 pine = 4.44-207
This patch is suitable for three different versions of pine. The installed version in the example is also listed, so the patch can be installed.
The files affected by a patch can easily be seen in the patch RPM. The rpm parameter -P allows selection of special patch features. Display the list of files with the following command:
rpm -qpPl pine-4.44-224.i586.patch.rpm /etc/pine.conf /etc/pine.conf.fixed /usr/bin/pine
or, if the patch is already installed, with the following command:
rpm -qPl pine /etc/pine.conf /etc/pine.conf.fixed /usr/bin/pine
Patch RPMs are used just like normal RPMs. The only difference is that a suitable RPM must already be installed.
A list of all patches installed in the system can be displayed with the command rpm -qPa. If only one patch is installed in a new system (as in this example), the list appears as follows:
rpm -qPa pine-4.44-224
If, at a later date, you want to know which package version was originally installed, this information is also available in the RPM database. For pine, this information can be displayed with the following command:
rpm -q --basedon pine pine = 4.44-188
More information, including information about the patch feature of RPM, is available in the man pages of rpm and rpmbuild.