On Thu, Nov 05, 2009 at 10:43:58AM -0500, Steve Grubb wrote: > On Thursday 05 November 2009 10:27:30 am Bill Nottingham wrote: > > Steve Grubb (sgrubb@xxxxxxxxxx) said: > > > I have 2 bugzillas asking for %verify to be added to %config files. I am > > > wondering if this is a good idea at all. The issue is that if you wanted > > > to verify whether or not config files have changed, then this causes you > > > to lose that ability. Adding --noscript to the verify command does not > > > make rpm suddenly report the issues it was hiding. Does this mean that > > > rpm is not working right? Or does this mean that we cannot use rpm for > > > integrity checking for any package that has %verify attributes for config > > > files? > > > > %verify is for turning off specific verification checks for files we > > *know* are going to change from what's in the RPM package/db. /etc/passwd > > is an obvious example; users will be added there, and the fact that the > > passwd file does not match the packaged version is not a verification > > issue. > > And there is no way to ask rpm to tell us what is different even if we wanted > that? > Correct -- rpm records checksums of files, not the file's contents. -Toshio
Attachment:
pgp1haBEc5Mze.pgp
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
