Ubuntu – Unknown Folder on System root /.rpmdb


Can somebody explain what the /.rpmdb folder in the root directory is for? Which application creates it and is using it?

Best Answer

  • I can't say definitively what creates this directory, but it is likely that it is created either as a side effect of installing third-party Linux kernel drivers such as NVIDIA or VirtualBox using DKMS, or by some other unsupported installer script not provided by Ubuntu. This directory was most probably created as a side effect of an install process that happens to support both rpm-based and deb-based distributions. DKMS happens to be such an install script and can definitely create this directory under the right conditions. The directory can safely be deleted without harming your system, but it may be created again when updates are installed later. See bug #1069350 for an open bug report tracking this issue.

    That's the short answer, now some more detail.

    What is .rpmdb?

    As you may know, rpm is a software packaging format and set of tools for installing packages and maintaining the database of installed packages and their interdependencies. It is used by many distributions but not by Ubuntu and other deb-based distributions. Unfortunately for Ubuntu, however, any use of the rpm command requires a valid "rpmdb" database to exist or to be created.

    On rpm-based distributions this is not a problem because they have a system-wide rpmdb by definition. On Ubuntu systems, since there is no need for a system-wide rpm database, rpm is configured to use a database under each user's home directory, specifically $HOME/.rpmdb. This database is silently created as needed whenever rpm runs. Since it is in each user's home directory, there are no problems with shared permissions or requiring the database to be created by an administrator. Every user just gets their own private empty rpm database.

    Why would rpm be run at all on Ubuntu?

    It turns out that some projects like to create install scripts that will work on any distribution, whether that distribution is rpm-based, deb-based, or neither. DKMS is one such project, it allows third-party drivers to be built for whatever Linux kernel a system happens to be running, and it is written to work across distributions. In part of its logic to determine which distribution it is running on and which kernel version is present, it executes an rpm command to query the database. As I explained earlier, this will silently create a .rpmdb directory if one does not already exist in the current user's home directory. The database query should fail, since Ubuntu is not an rpm-based distribution, and DKMS continues on.

    If you install any additional Linux kernel driver packages from Ubuntu such as VirtualBox, NVIDIA, ndiswrapper, or openswan, you are probably using DKMS to install those drivers for your kernel. This is typically done automatically when the driver is installed from the Ubuntu repositories. So any time either a kernel or driver update is installed, DKMS runs again to rebuild the driver for all available kernel versions. It has been shown that when those packages are updated, the /root/.rpmdb directory does in fact appear, which is in root's home directory since root is required to install updates.

    I don't know of any other specific third-party installation scripts that may also execute rpm commands as a way of detecting the distribution type, but it's certainly possible. For example, you may want to install LargeProprietaryProgram from Initech, and to do so you run an install.sh script as root. This script may try to query an rpm database to see if you're running an rpm-based distribution, and /root/.rpmdb is created again.

    So that explains why you may see /home/user/.rpmdb and /root/.rpmdb directories show up on your system. But why in the system root directory?

    Why is .rpmdb created in the root directory?

    The easiest explanation for this is that the $HOME environment variable is unset somehow in some process context that runs rpm. Let's use DKMS for the sake of argument because we definitively know it can run rpm commands. Because it typically runs when packages are installed or updated, it runs in the environment of whatever package manager you happen to use. If you use sudo apt-get to install packages, it will inherit a correct $HOME. If you use PackageKit, it may not have a $HOME variable at all. I am not sure what environment is provided by Synaptic or Ubuntu Software Center.

    So if DKMS is running in an environment that does not have a $HOME variable, and because of the way the rpm database was defined, an empty rpm database will be created in /.rpmdb instead of /root/.rpmdb. This has been fixed in the rpm package for Ubuntu in the 14.10 development version, so it should now create /root/.rpmdb even if $HOME is not defined.

    I hope this explains why there are directories called .rpmdb at all on an Ubuntu system, why they may get created seemingly automatically, and why one can be created in the root directory under the right set of conditions. It's nothing to worry about, there is nothing malicious in the existence of this directory, and it can simply be deleted if its presence is offensive to aesthetics or security scanners.