Hi,

>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
> But the problem is , say user1 wants to install abc.rpm and as
> he is restricted , he/she cannot install. But there is one way.
> If the user changes the name of the rpm, say "cp abc.rpm
> xyz.rpm" and then user1 can easily install xyz.rpm . And if you
> login as root and query for the package abc.rpm, it says
> abc.rpm is installed , even though the user has installed it
> with a different name. 

Here's one way to do it, using an external script, though:

1. Create a file (say reject.rpms) with a newline delimited list
   of rpm regexs to reject. This is a list of the real rpm names.
   Ex:

    $ cat reject.rpms
    abc.*
    pqr.*

2. Then, write a small shell script like the one attatched as a
   wrapper to rpm (say userrpm).

3. Give root permission to this script in /etc/sudoers, without
   password.

   user  ALL=(root) NOPASSWD:/usr/local/bin/userrpm

Your users will have to use this as:

$ sudo userrpm -Uvh abc-1.0.0.rpm

Well, as has been already been mentioned many times in this
thread, this is extremely insecure. It's not very difficult to
get past even this check. I wouldn't recommend using this.

Arvind
-- 
   .~.
   /V\
  // \\
 /(   )\
  ^`~'^