rpm %verify
Steve Grubb
sgrubb at redhat.com
Thu Nov 5 15:43:58 UTC 2009
On Thursday 05 November 2009 10:27:30 am Bill Nottingham wrote:
> Steve Grubb (sgrubb at redhat.com) said:
> > I have 2 bugzillas asking for %verify to be added to %config files. I am
> > wondering if this is a good idea at all. The issue is that if you wanted
> > to verify whether or not config files have changed, then this causes you
> > to lose that ability. Adding --noscript to the verify command does not
> > make rpm suddenly report the issues it was hiding. Does this mean that
> > rpm is not working right? Or does this mean that we cannot use rpm for
> > integrity checking for any package that has %verify attributes for config
> > files?
>
> %verify is for turning off specific verification checks for files we
> *know* are going to change from what's in the RPM package/db. /etc/passwd
> is an obvious example; users will be added there, and the fact that the
> passwd file does not match the packaged version is not a verification
> issue.
And there is no way to ask rpm to tell us what is different even if we wanted
that?
-Steve
More information about the fedora-devel-list
mailing list