On Mon, 2005-05-23 at 13:59 -0400, John Dennis wrote: > On Mon, 2005-05-23 at 19:37 +0200, Tomas Mraz wrote: > > Are there any guidelines when to use %config and when %config > > (noreplace)? > > If you look at this bug report: > > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158568 > > > > Currently in FC-3 the ca-bundle.pem file is not %config at all. This is > > obviously wrong because if sysadmin changes this file (and it's > > legitimate to do so) he will lose his changes after openssl update. > > > > However it's questionable if it should be %config(noreplace) because > > then he will not get the changes (new CA certificates) on update. > > I believe the way to think about this is by asking the question, "Did > the sysadmin change the file?" If they did then rpm shouldn't overwrite > his/her explicition modification. If the config file was unaltered then > rpm should install the latest version of the file thus getting the > updates. This is precisely the behavior of config noreplace, which I > believe in this instance is probably the optimal behavior. > > If a sys admin has altered a config file they are probably aware of the > possble existence of a .rpmnew file and are aware of its implications. Generally I would agree, the question is if the ca-bundle.pem is or isn't normal config file or if it's a little bit special in this regard. But I'm inclined to make it %config(noreplace). -- Tomas Mraz <tmraz@xxxxxxxxxx>
