[ SEA-GHOST MINI SHELL]

Path : /proc/2/cwd/proc/3/task/3/cwd/usr/share/doc/rpm-4.11.3/
FILE UPLOADER :
Current File : //proc/2/cwd/proc/3/task/3/cwd/usr/share/doc/rpm-4.11.3/queryformat

/*! \page queryformat Query formats

As it is impossible to please everyone with one style of query output, RPM
allows you to specify what information should be printed during a query
operation and how it should be formatted.

\section queryformat_tags Tags

All of the information a package contains, apart from signatures and the
actual files, is in a part of the package called the header. Each piece
of information in the header has a tag associated with it which allows
RPM to to tell the difference between the name and description of a
package.

To get a list of all of the tags your version of RPM knows about, run the
command 'rpm --querytags'. It will print out a list like (but much longer
then) this:

\verbatim
    RPMTAG_NAME
    RPMTAG_VERSION
    RPMTAG_RELEASE
    RPMTAG_SERIAL
    RPMTAG_SUMMARY
    RPMTAG_DESCRIPTION
    RPMTAG_BUILDTIME
    RPMTAG_BUILDHOST
    RPMTAG_INSTALLTIME
    RPMTAG_SIZE
\endverbatim

As all of these tags begin with RPMTAG_, you may omit it from query format
specifiers and it will be omitted from the rest of this documentation for
the same reason.

A tag can consist of one element or an array of elements. Each element can
be a string or number only.

\section queryformat_format Query Formats

A query format is passed to RPM after the --queryformat argument, and normally
should be enclosed in single quotes. This query format is then used to print
the information section of a query. This means that when both -i and 
--queryformat are used in a command, the -i is essentially ignored. 
Additionally, using --queryformat implies -q, so you may omit the -q as well.

The query format is similar to a C style printf string, which the printf(2)
man page provides a good introduction to. However, as RPM already knows the
type of data that is being printed, you must omit the type specifier. In
its place put the tag name you wish to print enclosed in curly braces
({}). For example, the following RPM command prints the names and sizes
of all of the packages installed on a system:

\verbatim
    rpm -qa --queryformat "%{NAME} %{SIZE}\n"
\endverbatim

If you want to use printf formatters, they go between the % and {. To
change the above command to print the NAME in the first 30 bytes and
right align the size to, use:

\verbatim
    rpm -qa --queryformat "%-30{NAME} %10{SIZE}\n"
\endverbatim

\section queryformat_arrays Arrays

RPM uses many parallel arrays internally. For example, file sizes and 
file names are kept as an array of numbers and an array of strings
respectively, with the first element in the size array corresponding
to the first element in the name array. 

To iterate over a set of parallel arrays, enclose the format to be used
to print each item in the array within square brackets ([]). For example,
to print all of the files and their sizes in the slang-devel package
followed by their sizes, with one file per line, use this command:

\verbatim
    rpm -q --queryformat "[%-50{FILENAMES} %10{FILESIZES}\n]" slang-devel
\endverbatim

Note that since the trailing newline is inside of the square brackets, one
newline is printed for each filename.

A popular query format to try to construct is one that prints the
name of a package and the name of a file it contains on one line, 
repeated for every file in the package. This query can be very useful
for passing information to any program that's line oriented (such as
grep or awk). If you try the obvious,

\verbatim
    rpm --queryformat "[%{NAME} %{FILENAMES}\n]" cdp
\endverbatim

If you try this, you'll see RPM complain about a "parallel array size 
mismatch". Internally, all items in RPM are actually arrays, so the NAME
is a string array containing one element. When you tell RPM to iterate
over the NAME and FILENAMES elements, RPM notices the two tags have 
different numbers of elements and complains.

To make this work properly, you need to tell RPM to always print the first
item in the NAME element. You do this by placing a '=' before the tag
name, like this:

\verbatim
    rpm --queryformat "[%{=NAME} %{FILENAMES}\n]" cdp
\endverbatim

which will give you the expected output.

\verbatim
    cdp /usr/bin/cdp
    cdp /usr/bin/cdplay
    cdp /usr/man/man1/cdp.1
\endverbatim

\section queryformat_formatting Formatting Tags

One of the weaknesses with query formats is that it doesn't recognize
that the INSTALLTIME tag (for example) should be printed as a date instead
of as a number. To compensate, you can specify one of a few different
formats to use when printing tags by placing a colon followed the formatting 
name after the tag name. Here are some examples:

\verbatim
    rpm -q --queryformat "%{NAME} %{INSTALLTIME:date}\n" fileutils
    rpm -q --queryformat "[%{FILEMODES:perms} %{FILENAMES}\n]" rpm
    rpm -q --queryformat \
	"[%{REQUIRENAME} %{REQUIREFLAGS:depflags} %{REQUIREVERSION}\n]" \
	vlock
\endverbatim

The :shescape may be used on plain strings to get a string which can pass
through a single level of shell and give the original string.

\section queryformat_expressions Query Expressions

Simple conditionals may be evaluated through query expressions. Expressions
are delimited by %|...|. The only type of expression currently supported
is a C-like ternary conditional, which provides simple if/then/else
conditions. For example, the following query format display "present" if
the SOMETAG tag is present, and "missing" otherwise:

\verbatim
    %|SOMETAG?{present}:{missing}|
\endverbatim

Notice that the subformats "present" and "missing" must be inside of curly
braces.

\section queryformat_example Example: Viewing the Verify Flags

The following example query is run against dev because I know %verify
is used there.
\verbatim
	rpm -q --qf '[%{filenames} %{fileverifyflags}\n]' dev
\endverbatim

The flags are defined in rpmlib.h (check there for changes):
\verbatim
	#define RPMVERIFY_MD5           (1 << 0)
	#define RPMVERIFY_FILESIZE      (1 << 1)
	#define RPMVERIFY_LINKTO        (1 << 2)
	#define RPMVERIFY_USER          (1 << 3)
	#define RPMVERIFY_GROUP         (1 << 4)
	#define RPMVERIFY_MTIME         (1 << 5)
	#define RPMVERIFY_MODE          (1 << 6)
	#define RPMVERIFY_RDEV          (1 << 7)
\endverbatim

A 1 bit in the output of the query means the check is enabled.

*/

SEA-GHOST - SHELL CODING BY SEA-GHOST