rpm %verify
Toshio Kuratomi
a.badger at gmail.com
Wed Nov 11 17:12:24 UTC 2009
On Thu, Nov 05, 2009 at 10:43:58AM -0500, Steve Grubb wrote:
> On Thursday 05 November 2009 10:27:30 am Bill Nottingham wrote:
> > Steve Grubb (sgrubb at redhat.com) said:
> > > I have 2 bugzillas asking for %verify to be added to %config files. I am
> > > wondering if this is a good idea at all. The issue is that if you wanted
> > > to verify whether or not config files have changed, then this causes you
> > > to lose that ability. Adding --noscript to the verify command does not
> > > make rpm suddenly report the issues it was hiding. Does this mean that
> > > rpm is not working right? Or does this mean that we cannot use rpm for
> > > integrity checking for any package that has %verify attributes for config
> > > files?
> >
> > %verify is for turning off specific verification checks for files we
> > *know* are going to change from what's in the RPM package/db. /etc/passwd
> > is an obvious example; users will be added there, and the fact that the
> > passwd file does not match the packaged version is not a verification
> > issue.
>
> And there is no way to ask rpm to tell us what is different even if we wanted
> that?
>
Correct -- rpm records checksums of files, not the file's contents.
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091111/e73a673f/attachment.sig>
More information about the fedora-devel-list
mailing list