• Get application security done the right way! Detect, Protect, Monitor, Accelerate, and more…
  • DNF is the default package management system on most RPM-based Linux distributions now.

    DNF downloads packages from repositories installs, uninstall, and updates packages. It performs automatic dependency resolution for packages you are installing, updating, or removing and installs all packages needed to fulfill dependency requirements.

    On Fedora, it has been the default package manager since Fedora 22. On RHEL 8.x, it is now the default package manager.

    DNF provides secure package management by enabling GPG signature verification on GPG signed packages. DNF will not install any package not signed with the correct key for that repository.

    For backward compatibility, RHEL 8.x has a YUM command also, though it is a link to DNF.

    Why DNF?

    DNF or Dandified YUM is the next generation YUM. Compared to YUM, DNF has better memory utilization, improved dependency management, and the ability to run using both Python 2 & Python 3.

    Package Management with DNF

    You must have superuser privileges to use the DNF Command to install, update, or remove the package. Following is a set of DNF commands frequently used by sysadmins.

    Searching a package

    To search for a package installed or available across all repositories, use

    $ sudo dnf search package_name

    For example to search for package Nmap:

    $ sudo dnf search nmap
    Last metadata expiration check: 0:05:14 ago on Tue 02 Jun 2020 08:38:09 PM UTC.
    ==================================== Name Exactly Matched: nmap =====================================
    nmap.x86_64 : Network exploration tool and security scanner
    =================================== Name & Summary Matched: nmap ====================================
    nmap-ncat.x86_64 : Nmap's Netcat replacement

    Listing packages

    To see a list of all installed and available packages:

    $ sudo dnf list all
    Installed Packages
    GConf2.x86_64                                        3.2.6-22.el8                                      @rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    NetworkManager.x86_64                                1:1.22.8-4.el8                                    @anaconda
    NetworkManager-libnm.x86_64                          1:1.22.8-4.el8                                    @anaconda
    NetworkManager-team.x86_64                           1:1.22.8-4.el8                                    @anaconda
    NetworkManager-tui.x86_64                            1:1.22.8-4.el8 
    ...

    To list all installed packages:

    $ sudo dnf list installed

    Installed Packages
    NetworkManager.x86_64             1:1.22.8-4.el8          @anaconda                                  
    NetworkManager-libnm.x86_64       1:1.22.8-4.el8          @anaconda                                  
    NetworkManager-team.x86_64        1:1.22.8-4.el8          @anaconda                                  
    NetworkManager-tui.x86_64         1:1.22.8-4.el8          @anaconda                                  
    PackageKit.x86_64                 1.1.12-4.el8            @AppStream                                 
    PackageKit-glib.x86_64            1.1.12-4.el8            @AppStream                                 
    WALinuxAgent.noarch               2.2.38-1.el8            @rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    abattis-cantarell-fonts.noarch    0.0.25-4.el8            @AppStream                                 
    acl.x86_64                        2.2.53-1.el8            @anaconda 
    ...                                                                      

    To list all available packages:

    $ sudo dnf list available
    Last metadata expiration check: 1:15:10 ago on Tue 02 Jun 2020 05:37:11 PM UTC.
    Available Packages
    CUnit.i686                                           2.1.3-17.el8                                      rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    CUnit.x86_64                                         2.1.3-17.el8                                      rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    CUnit-devel.i686                                     2.1.3-17.el8                                      rhui-codeready-builder-for-rhel-8-x86_64-rhui-rpms
    CUnit-devel.x86_64                                   2.1.3-17.el8                                      rhui-codeready-builder-for-rhel-8-x86_64-rhui-rpms
    ...

    For example, to list all MySQL  packages which are available:

    $ sudo dnf list available "mysql*"
    Last metadata expiration check: 1:17:04 ago on Tue 02 Jun 2020 05:37:11 PM UTC.
    Available Packages
    mysql.x86_64        8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    mysql-common.x86_64 8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    mysql-devel.x86_64  8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    mysql-errmsg.x86_64 8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    mysql-libs.x86_64   8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    mysql-server.x86_64 8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    mysql-test.x86_64   8.0.17-3.module+el8.0.0+3898+e09bb8de  rhui-rhel-8-for-x86_64-appstream-rhui-rpms

    Displaying package information

    To display information about a package:

    $ sudo dnf info package_name
    

    For example, to display info about httpd server:

    $ sudo dnf info httpd
    
    Last metadata expiration check: 0:15:04 ago on Mon 01 Jun 2020 11:23:11 PM UTC.
    Available Packages
    Name         : httpd
    Version      : 2.4.37
    Release      : 21.module+el8.2.0+5008+cca404a3
    Architecture : x86_64
    Size         : 1.4 M
    Source       : httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.src.rpm
    Repository   : rhui-rhel-8-for-x86_64-appstream-rhui-rpms
    Summary      : Apache HTTP Server
    URL          : https://httpd.apache.org/
    License      : ASL 2.0
    Description  : The Apache HTTP Server is a powerful, efficient, and extensible
                 : web server.
    

    Installing packages

    Installing a single package

    To install a single package and all its non-installed dependencies:

    $ sudo dnf install package_name

    For example, to install Nginx:

    $ sudo dnf install nginx
    Dependencies resolved.
    ===========================================================================================
     Package             Arch   Version       Repository                                  Size
    ===========================================================================================
    Installing:
     nginx               x86_64 1:1.14.1-9.module+el8.0.0+4108+af250afe
                                              rhui-rhel-8-for-x86_64-appstream-rhui-rpms 570 k
    Installing dependencies:
     gd                  x86_64 2.2.5-6.el8   rhui-rhel-8-for-x86_64-appstream-rhui-rpms 144 k
     jbigkit-libs        x86_64 2.1-14.el8    rhui-rhel-8-for-x86_64-appstream-rhui-rpms  55 k
    ..

    This will install Nginx and all its non-installed dependency requirements.

    Installing multiple packages

    You can also install multiple packages by adding package names to this command. For example, to install Nginx, PHP & MySQL-server, enter:

    $ sudo dnf install nginx php mysql-server
    Dependencies resolved.
    ===========================================================================================
     Package          Arch   Version          Repository                                  Size
    ===========================================================================================
    Installing:
     mysql-server     x86_64 8.0.17-3.module+el8.0.0+3898+e09bb8de
                                              rhui-rhel-8-for-x86_64-appstream-rhui-rpms  22 M
     nginx            x86_64 1:1.14.1-9.module+el8.0.0+4108+af250afe
                                              rhui-rhel-8-for-x86_64-appstream-rhui-rpms 570 k
     php              x86_64 7.2.24-1.module+el8.2.0+4601+7c76a223
                                              rhui-rhel-8-for-x86_64-appstream-rhui-rpms 1.5 M
    Installing dependencies:
     apr              x86_64 1.6.3-9.el8      rhui-rhel-8-for-x86_64-appstream-rhui-rpms 125 k
     apr-util         x86_64 1.6.1-6.el8      rhui-rhel-8-for-x86_64-appstream-rhui-rpms 105 k
     gd               x86_64 2.2.5-6.el8      rhui-rhel-8-for-x86_64-appstream-rhui-rpms 144 k
     httpd            x86_64 2.4.37-21.module+el8.2.0+5008+cca404a3
                                              rhui-rhel-8-for-x86_64-appstream-rhui-rpms 1.4 M
     httpd-filesystem noarch 2.4.37-21.module+el8.2.0+5008+cca404a3
    ...

    Installing a package by its binary filename

    If you know the name of the binary file to install, but not the package name, even that is enough to install the relevant package.

    For example, if you enter:

    $ sudo dnf install /usr/sbin/named
    Last metadata expiration check: 1:21:25 ago on Tue 02 Jun 2020 05:37:11 PM UTC.
    Dependencies resolved.
    =====================================================================================================
     Package   Arch        Version                 Repository                                       Size
    =====================================================================================================
    Installing:
     bind      x86_64      32:9.11.13-5.el8_2      rhui-rhel-8-for-x86_64-appstream-rhui-rpms      2.1 M
    
    Transaction Summary
    =====================================================================================================
    Install  1 Package
    
    Total download size: 2.1 M
    Installed size: 4.5 M
    Is this ok [y/N]:

    DNF searches and finds the package which provides /usr/sbin/named and prompts you to install it.

    Finding which package owns a file

    If you know the filename and want to find which package provides it (installed or not), use:

    $ sudo dnf provides file_name

    For example, to find which package provides named, the binary for DNS server use: 

    $ sudo dnf provides named
    Last metadata expiration check: 1:27:30 ago on Mon 01 Jun 2020 11:23:11 PM UTC. 
    bind-32:9.11.4-16.P2.el8.x86_64 : 
    The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) : 
    server Repo : rhui-rhel-8-for-x86_64-appstream-rhui-rpms Matched from: Filename : 
    /usr/sbin/named

    Removing a package

    To remove a package:

    sudo dnf remove package_name

    But be careful, DNF is not able to remove a package without also removing packages which depend on it. To remove package nmap use:

    $ sudo dnf remove nmap
    Dependencies resolved.
    =====================================================================================================
     Package    Architecture Version             Repository                                         Size
    =====================================================================================================
    Removing:
     nmap       x86_64       2:7.70-5.el8        @rhui-rhel-8-for-x86_64-appstream-rhui-rpms        24 M
    
    Transaction Summary
    =====================================================================================================
    Remove  1 Package
    
    Freed space: 24 M
    Is this ok [y/N]:

    Managing package groups

    A package group is a collection of packages that are closely related and serve a common purpose. Installing a package group installs a set of packages, saving a lot of time.

    List all package groups

    To list all package groups:

    $ sudo dnf group list
    Available Environment Groups:
       Server with GUI
       Server
       Workstation
       Custom Operating System
       Virtualization Host
    Installed Environment Groups:
       Minimal Install
    Installed Groups:
       Security Tools
       Container Management
    Available Groups:
       Legacy UNIX Compatibility
       Development Tools
       Scientific Support
       .NET Core Development
       Graphical Administration Tools
       Headless Management
       RPM Development Tools
       Network Servers
       System Tools
       Smart Card Support

    List all packages in a group

    To list all packages in a group:

    $ sudo dnf group info package_name

    For example, to view packages in the Security Tools group:

    $ sudo dnf group info “security tools”
    
    Group: Security Tools
     Description: Security tools for integrity and trust verification.
     Default Packages:
       scap-security-guide
     Optional Packages:
       aide
       hmaccalc
       openscap
       openscap-engine-sce
       openscap-utils
       scap-security-guide-doc
       scap-workbench
       tpm-quote-tools
       tpm-tools
       tpm2-tools
       trousers

    Installing a package group

    Installing a group will install all packages in a group. To install a package group use:

    sudo dnf group install package_group_name

    For example, to install the “Network Servers” group:

    $ sudo dnf group install “Network Servers”
    
    Last metadata expiration check: 1:40:14 ago on Wed 03 Jun 2020 05:53:11 PM UTC.
    Dependencies resolved.
    ===========================================================================================
     Package              Architecture        Version               Repository            Size
    ===========================================================================================
    Installing Groups:
     Network Servers                                                                          
    
    Transaction Summary
    ===========================================================================================
    
    Is this ok [y/N]:

    Removing a package group

    To remove a package group:

    sudo dnf remove package_name

    So, to remove the “Security Tools” package group:

    $ sudo dnf group remove "security tools"
    Dependencies resolved.
    =====================================================================================================
     Package               Arch     Version          Repository                                     Size
    =====================================================================================================
    Removing:
     scap-security-guide   noarch   0.1.48-7.el8     @rhui-rhel-8-for-x86_64-appstream-rhui-rpms   182 M
    Removing unused dependencies:
     GConf2                x86_64   3.2.6-22.el8     @rhui-rhel-8-for-x86_64-appstream-rhui-rpms   6.3 M
     libxslt               x86_64   1.1.32-4.el8     @rhui-rhel-8-for-x86_64-baseos-rhui-rpms      734 k
     openscap              x86_64   1.3.2-6.el8      @rhui-rhel-8-for-x86_64-appstream-rhui-rpms    58 M
     openscap-scanner      x86_64   1.3.2-6.el8      @rhui-rhel-8-for-x86_64-appstream-rhui-rpms   137 k
     xml-common            noarch   0.6.3-50.el8     @rhui-rhel-8-for-x86_64-baseos-rhui-rpms       78 k
    Removing Groups:
     Security Tools                                                                                     
    
    Transaction Summary
    =====================================================================================================
    Remove  6 Packages
    
    Freed space: 247 M
    Is this ok [y/N]: 

    Updating packages

    Updating all packages

    To update all packages and their dependencies you can use:

    $ sudo dnf upgrade
    Last metadata expiration check: 1:09:31 ago on Tue 02 Jun 2020 08:38:09 PM UTC.
    Dependencies resolved.
    Nothing to do.
    Complete!

    This installs all updates that can be installed. Both dnf upgrade and dnf update have the same effect, but dnf upgrade is preferred.

    Updating a single package

    To update a single package, run:

    $ sudo dnf upgrade package_name

    For example, to update the python package:

    $ sudo dnf upgrade python
    

    Conclusion

    Learning DNF can be rewarding as it is often the fastest way to perform system administration tasks. If interested in learning RHEL 8 then you may check out this Udemy course.