[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rpm %verify



On Thu, Nov 05, 2009 at 10:43:58AM -0500, Steve Grubb wrote:
> On Thursday 05 November 2009 10:27:30 am Bill Nottingham wrote:
> > Steve Grubb (sgrubb redhat com) said:
> > > I have 2 bugzillas asking for %verify to be added to %config files. I am
> > > wondering if this is a good idea at all. The issue is that if you wanted
> > > to verify whether or not config files have changed, then this causes you
> > > to lose that ability. Adding --noscript to the verify command does not
> > > make rpm suddenly report the issues it was hiding. Does this mean that
> > > rpm is not working right? Or does this mean that we cannot use rpm for
> > > integrity checking for any package that has %verify attributes for config
> > > files?
> > 
> > %verify is for turning off specific verification checks for files we
> > *know* are going to change from what's in the RPM package/db. /etc/passwd
> > is an obvious example; users will be added there, and the fact that the
> > passwd file does not match the packaged version is not a verification
> >  issue.
> 
> And there is no way to ask rpm to tell us what is different even if we wanted 
> that?
> 
Correct -- rpm records checksums of files, not the file's contents.

-Toshio

Attachment: pgpNsoseeQHel.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]