rpm-qa 0.3.1

A thin Rust wrapper around `rpm -qa`
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505

//! A thin Rust wrapper around `rpm -qa`
//!
//! This crate provides functions to load and parse the output from
//! `rpm -qa --queryformat`, returning package metadata as a map of package
//! names to `Package` structs.
//!
//! Uses `--queryformat` instead of `--json` for compatibility with older RPM.

mod parse;

use anyhow::{Context, Result, bail};
use camino::{Utf8Path, Utf8PathBuf};
use cap_std_ext::cap_std::fs::Dir;
use std::collections::{BTreeMap, HashMap};
use std::io::Read;
use std::os::fd::AsRawFd;
use std::path::Path;
use std::process::Command;

/// A map of package names to their metadata.
pub type Packages = HashMap<String, Package>;

/// A map of file paths to their metadata.
pub type Files = BTreeMap<Utf8PathBuf, FileInfo>;

/// Cryptographic hash algorithm used for file digests.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum DigestAlgorithm {
    /// MD5 (legacy, insecure).
    Md5 = 1,
    /// SHA-1 (legacy, insecure).
    Sha1 = 2,
    /// RIPEMD-160.
    RipeMd160 = 3,
    /// MD2 (obsolete).
    Md2 = 5,
    /// TIGER-192.
    Tiger192 = 6,
    /// HAVAL-5-160.
    Haval5160 = 7,
    /// SHA-256 (current default).
    Sha256 = 8,
    /// SHA-384.
    Sha384 = 9,
    /// SHA-512.
    Sha512 = 10,
    /// SHA-224.
    Sha224 = 11,
    /// SHA3-256.
    Sha3_256 = 12,
    /// SHA3-512.
    Sha3_512 = 14,
}

/// File attribute flags from the RPM spec file.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Default)]
pub struct FileFlags(u32);

impl FileFlags {
    /// File is a configuration file (`%config`).
    pub const CONFIG: u32 = 1 << 0;
    /// File is documentation (`%doc`).
    pub const DOC: u32 = 1 << 1;
    /// Missing file is OK (`%config(missingok)`).
    pub const MISSINGOK: u32 = 1 << 3;
    /// Don't replace existing file (`%config(noreplace)`).
    pub const NOREPLACE: u32 = 1 << 4;
    /// File is a ghost (`%ghost`).
    pub const GHOST: u32 = 1 << 6;
    /// File is a license (`%license`).
    pub const LICENSE: u32 = 1 << 7;
    /// File is a README (`%readme`).
    pub const README: u32 = 1 << 8;
    /// File is a build artifact (`%artifact`).
    pub const ARTIFACT: u32 = 1 << 12;

    /// Create from raw flag value.
    pub fn from_raw(value: u32) -> Self {
        Self(value)
    }

    /// Get the raw flag value.
    pub fn raw(&self) -> u32 {
        self.0
    }

    /// Check if the config flag is set.
    pub fn is_config(&self) -> bool {
        self.0 & Self::CONFIG != 0
    }

    /// Check if the doc flag is set.
    pub fn is_doc(&self) -> bool {
        self.0 & Self::DOC != 0
    }

    /// Check if the missingok flag is set.
    pub fn is_missingok(&self) -> bool {
        self.0 & Self::MISSINGOK != 0
    }

    /// Check if the noreplace flag is set.
    pub fn is_noreplace(&self) -> bool {
        self.0 & Self::NOREPLACE != 0
    }

    /// Check if the ghost flag is set.
    pub fn is_ghost(&self) -> bool {
        self.0 & Self::GHOST != 0
    }

    /// Check if the license flag is set.
    pub fn is_license(&self) -> bool {
        self.0 & Self::LICENSE != 0
    }

    /// Check if the readme flag is set.
    pub fn is_readme(&self) -> bool {
        self.0 & Self::README != 0
    }

    /// Check if the artifact flag is set.
    pub fn is_artifact(&self) -> bool {
        self.0 & Self::ARTIFACT != 0
    }
}

/// Metadata for a file contained in an RPM package.
#[derive(Debug, Clone)]
pub struct FileInfo {
    /// File size in bytes.
    pub size: u64,
    /// Unix file mode (permissions and type).
    pub mode: u16,
    /// Unix modification timestamp.
    pub mtime: u64,
    /// Hex-encoded file digest, if present (directories and symlinks have none).
    pub digest: Option<String>,
    /// File attribute flags.
    pub flags: FileFlags,
    /// Owner username.
    pub user: String,
    /// Owner group name.
    pub group: String,
    /// Symlink target, if this is a symbolic link.
    pub linkto: Option<Utf8PathBuf>,
}

/// Metadata for an installed RPM package.
#[derive(Debug, Clone)]
pub struct Package {
    /// Package name.
    pub name: String,
    /// Package version.
    pub version: String,
    /// Package release.
    pub release: String,
    /// Package epoch, if present.
    pub epoch: Option<u32>,
    /// The architecture the package is for. `noarch` is a special case denoting
    /// an architecture independent package.
    pub arch: String,
    /// License of the package contents.
    pub license: String,
    /// Installed package size.
    pub size: u64,
    /// Unix timestamp of package build time.
    pub buildtime: u64,
    /// Unix timestamp of package installation.
    pub installtime: u64,
    /// Package source rpm file name.
    pub sourcerpm: Option<String>,
    /// Digest algorithm used for file digests in this package.
    pub digest_algo: Option<DigestAlgorithm>,
    /// Unix timestamps of changelog entries (most recent first).
    pub changelog_times: Vec<u64>,
    /// Files contained in this package.
    pub files: Files,
}

/// Load packages from a reader containing queryformat output.
pub fn load_from_reader<R: Read>(reader: R) -> Result<Packages> {
    parse::load_from_reader_impl(reader)
}

/// Load packages from a string containing queryformat output.
pub fn load_from_str(s: &str) -> Result<Packages> {
    parse::load_from_str_impl(s)
}

/// Load all installed RPM packages from a rootfs path by running `rpm -qa`.
pub fn load_from_rootfs(rootfs: &Utf8Path) -> Result<Packages> {
    run_rpm(rootfs.as_str())
}

/// Load all installed RPM packages from a rootfs directory by running `rpm -qa`.
pub fn load_from_rootfs_dir(rootfs: &Dir) -> Result<Packages> {
    use rustix::io::dup;
    // Dup the fd as a way to clear O_CLOEXEC so rpm can access it.
    // See also CapStdExtCommandExt::take_fn_n() though here we don't leak.
    let duped = dup(rootfs).context("failed to dup rootfs fd")?;
    let rootfs_path = format!("/proc/self/fd/{}", duped.as_raw_fd());
    run_rpm(&rootfs_path)
}

/// Note the host `rpm` resolves `%_dbpath` from its own macro context, not the
/// target rootfs's. We probe the rootfs to find where the rpmdb actually is and
/// pass `--dbpath` explicitly to avoid mismatches (e.g. Fedora host reading a
/// RHEL 9 rootfs).
const RPMDB_PATHS: &[&str] = &["usr/lib/sysimage/rpm", "var/lib/rpm", "usr/share/rpm"];

fn find_dbpath(rootfs: &Path) -> Result<Option<&'static str>> {
    for dbpath in RPMDB_PATHS {
        if std::fs::exists(rootfs.join(dbpath)).context("failed to probe rpmdb path")? {
            return Ok(Some(dbpath));
        }
    }
    Ok(None)
}

fn run_rpm(rootfs_path: &str) -> Result<Packages> {
    let mut cmd = Command::new("rpm");
    cmd.arg("--root").arg(rootfs_path);
    if let Some(dbpath) = find_dbpath(Path::new(rootfs_path))? {
        cmd.arg("--dbpath").arg(format!("/{dbpath}"));
    }
    cmd.args(["-qa", "--queryformat", parse::QUERYFORMAT]);
    cmd.stdout(std::process::Stdio::piped());
    let mut child = cmd.spawn().context("failed to run rpm")?;
    let stdout = child
        .stdout
        .take()
        .context("failed to capture rpm stdout")?;

    let packages = load_from_reader(stdout);

    let status = child.wait().context("failed to wait for rpm")?;
    if !status.success() {
        match status.code() {
            Some(code) => bail!("rpm command failed (exit code {})", code),
            None => {
                use std::os::unix::process::ExitStatusExt;
                bail!(
                    "rpm command killed by signal {}",
                    status.signal().unwrap_or(0)
                )
            }
        }
    }

    packages
}

/// Load all installed RPM packages by running `rpm -qa`.
pub fn load() -> Result<Packages> {
    load_from_rootfs(Utf8Path::new("/"))
}

#[cfg(test)]
mod tests {
    use super::*;

    const FIXTURE: &str = include_str!("../tests/fixtures/fedora.qf");

    fn setup_test_rootfs_at(rpmdb_relpath: &str) -> tempfile::TempDir {
        let tmpdir = tempfile::tempdir().expect("failed to create tempdir");
        let rpmdb_dir = tmpdir.path().join(rpmdb_relpath);
        std::fs::create_dir_all(&rpmdb_dir).expect("failed to create rpmdb dir");
        std::fs::copy(
            "tests/fixtures/rpmdb.sqlite",
            rpmdb_dir.join("rpmdb.sqlite"),
        )
        .expect("failed to copy rpmdb.sqlite");
        tmpdir
    }

    fn setup_test_rootfs() -> tempfile::TempDir {
        setup_test_rootfs_at("usr/lib/sysimage/rpm")
    }

    fn assert_has_test_packages(packages: &Packages) {
        assert!(packages.contains_key("filesystem"));
        assert!(packages.contains_key("setup"));
        assert!(packages.contains_key("fedora-release"));
    }

    #[test]
    fn test_load_from_rootfs() {
        let tmpdir = setup_test_rootfs();
        let rootfs = Utf8Path::from_path(tmpdir.path()).expect("non-utf8 path");
        let packages = load_from_rootfs(rootfs).expect("failed to load packages");
        assert_has_test_packages(&packages);
    }

    #[test]
    fn test_load_from_rootfs_dir() {
        let tmpdir = setup_test_rootfs();
        let rootfs_dir =
            Dir::open_ambient_dir(tmpdir.path(), cap_std_ext::cap_std::ambient_authority())
                .expect("failed to open rootfs dir");
        let packages = load_from_rootfs_dir(&rootfs_dir).expect("failed to load packages");
        assert_has_test_packages(&packages);
    }

    #[test]
    fn test_load_from_rootfs_legacy_dbpath() {
        let tmpdir = setup_test_rootfs_at("var/lib/rpm");
        let rootfs = Utf8Path::from_path(tmpdir.path()).expect("non-utf8 path");
        let packages = load_from_rootfs(rootfs).expect("failed to load packages");
        assert_has_test_packages(&packages);
    }

    #[test]
    fn test_load_from_str() {
        let packages = load_from_str(FIXTURE).expect("failed to load packages");
        assert!(!packages.is_empty(), "expected at least one package");

        for (name, pkg) in &packages {
            assert_eq!(name, &pkg.name);
            assert!(!pkg.version.is_empty());
            assert!(!pkg.arch.is_empty());
        }

        // Check specific packages from fixture
        assert!(packages.contains_key("glibc"));
        assert!(packages.contains_key("bash"));
        assert!(packages.contains_key("coreutils"));

        // bash has no epoch
        assert_eq!(packages["bash"].epoch, None);
        // shadow-utils has epoch 2
        assert_eq!(packages["shadow-utils"].epoch, Some(2));
        // perl-POSIX has explicit epoch 0
        assert_eq!(packages["perl-POSIX"].epoch, Some(0));
    }

    #[test]
    fn test_load_from_reader() {
        let packages = load_from_reader(FIXTURE.as_bytes()).expect("failed to load packages");
        assert!(!packages.is_empty(), "expected at least one package");
        assert!(packages.get("rpm").is_some());
    }

    #[test]
    fn test_file_parsing() {
        let packages = load_from_str(FIXTURE).expect("failed to load packages");
        let bash = packages.get("bash").expect("bash package not found");

        // bash should have files
        assert!(!bash.files.is_empty(), "bash should have files");

        // Check /usr/bin/bash exists
        let bash_bin = bash
            .files
            .get(Utf8Path::new("/usr/bin/bash"))
            .expect("/usr/bin/bash not found");
        assert!(bash_bin.size > 0, "bash binary should have non-zero size");
        assert!(bash_bin.digest.is_some(), "bash binary should have digest");
        assert_eq!(bash.digest_algo, Some(DigestAlgorithm::Sha256));
        assert!(
            !bash_bin.flags.is_config(),
            "bash binary is not a config file"
        );
        assert_eq!(bash_bin.user, "root");
        assert_eq!(bash_bin.group, "root");

        // Check a config file
        let bashrc = bash
            .files
            .get(Utf8Path::new("/etc/skel/.bashrc"))
            .expect("/etc/skel/.bashrc not found");
        assert!(bashrc.flags.is_config(), ".bashrc should be a config file");
        assert!(bashrc.flags.is_noreplace(), ".bashrc should be noreplace");

        // Check symlink /usr/bin/sh -> bash
        let sh = bash
            .files
            .get(Utf8Path::new("/usr/bin/sh"))
            .expect("/usr/bin/sh not found");
        assert!(sh.linkto.is_some(), "/usr/bin/sh should be a symlink");
        assert_eq!(sh.linkto.as_ref().unwrap(), "bash");

        // Check ghost files from setup package
        let setup = packages.get("setup").expect("setup package not found");

        // /run/motd is a pure ghost file (flag=64)
        let motd = setup
            .files
            .get(Utf8Path::new("/run/motd"))
            .expect("/run/motd not found");
        assert!(motd.flags.is_ghost(), "/run/motd should be a ghost");
        assert!(!motd.flags.is_config(), "/run/motd is not a config file");
        assert!(motd.digest.is_none(), "ghost files have no digest");

        // /etc/fstab is ghost+config+missingok+noreplace (flag=89)
        let fstab = setup
            .files
            .get(Utf8Path::new("/etc/fstab"))
            .expect("/etc/fstab not found");
        assert!(fstab.flags.is_ghost(), "/etc/fstab should be a ghost");
        assert!(
            fstab.flags.is_config(),
            "/etc/fstab should be a config file"
        );
        assert!(fstab.flags.is_missingok(), "/etc/fstab should be missingok");
        assert!(fstab.flags.is_noreplace(), "/etc/fstab should be noreplace");
    }

    #[test]
    fn test_directory_ownership() {
        // Test that files can be owned by a different package than the directory they reside in.
        // In this fixture:
        // - rpm owns /usr/lib/rpm/macros.d/ (the directory)
        // - fedora-release-common owns /usr/lib/rpm/macros.d/macros.dist (a file in that directory)
        let packages = load_from_str(FIXTURE).expect("failed to load packages");

        let rpm = packages.get("rpm").expect("rpm package not found");
        let fedora_release = packages
            .get("fedora-release-common")
            .expect("fedora-release-common package not found");

        // Verify rpm owns the macros.d directory
        let macros_d = rpm
            .files
            .get(Utf8Path::new("/usr/lib/rpm/macros.d"))
            .expect("/usr/lib/rpm/macros.d not found in rpm");
        // Directory mode: 0o40755 = 16877
        assert_eq!(
            macros_d.mode & 0o170000,
            0o040000,
            "macros.d should be a directory"
        );

        // Verify fedora-release-common owns macros.dist file
        assert!(
            fedora_release
                .files
                .contains_key(Utf8Path::new("/usr/lib/rpm/macros.d/macros.dist")),
            "/usr/lib/rpm/macros.d/macros.dist not found in fedora-release-common"
        );

        // Verify the file is NOT in rpm's file list
        assert!(
            rpm.files
                .get(Utf8Path::new("/usr/lib/rpm/macros.d/macros.dist"))
                .is_none(),
            "macros.dist should not be owned by rpm"
        );

        // Verify the directory is NOT in fedora-release-common's file list
        assert!(
            fedora_release
                .files
                .get(Utf8Path::new("/usr/lib/rpm/macros.d"))
                .is_none(),
            "macros.d directory should not be owned by fedora-release-common"
        );
    }

    #[test]
    fn test_single_file_scalar_values() {
        // Test that single-file packages are parsed correctly.
        let packages = load_from_str(FIXTURE).expect("failed to load packages");
        let pkg = packages
            .get("langpacks-core-en")
            .expect("langpacks-core-en package not found");

        assert_eq!(pkg.name, "langpacks-core-en");
        assert_eq!(pkg.version, "4.2");
        assert_eq!(pkg.release, "5.fc43");
        assert_eq!(pkg.files.len(), 1);

        let file = pkg
            .files
            .get(Utf8Path::new(
                "/usr/share/metainfo/org.fedoraproject.LangPack-Core-en.metainfo.xml",
            ))
            .expect("metainfo.xml not found");
        assert_eq!(file.size, 398);
        assert_eq!(file.user, "root");
        assert_eq!(file.group, "root");
        assert_eq!(
            file.digest.as_deref(),
            Some("d0ba061c715c73b91d2be66ab40adfab510ed4e69cf5d40970733e211de38ce6")
        );
    }

    #[test]
    fn test_changelog_times() {
        let packages = load_from_str(FIXTURE).expect("failed to load packages");

        // bash package should have multiple changelog entries
        let bash = packages.get("bash").expect("bash package not found");
        assert!(
            !bash.changelog_times.is_empty(),
            "bash should have changelog entries"
        );

        // Verify changelog times are reasonable Unix timestamps (after 2020)
        let min_valid_time = 1577836800u64; // 2020-01-01
        for &time in &bash.changelog_times {
            assert!(time > min_valid_time, "changelog time {} is too old", time);
        }
    }
}