%config files and upgrade to F11 - consider noreplace
Bill Crawford
billcrawford1970 at gmail.com
Mon Mar 2 14:03:39 UTC 2009
On Monday 02 March 2009 13:22:29 Horst H. von Brand wrote:
> Bill Crawford <billcrawford1970 at gmail.com> wrote:
> > On Thursday 26 February 2009 13:01:07 Miloslav Trmač wrote:
> > > Bill Crawford píše v Čt 26. 02. 2009 v 11:55 +0000:
> >
> > ...
> >
> > > > ... and run the old checksum code on the file
> > > > on the machine, before replacing it with the new file and the new
> > > > hash.
> > >
> > > That answers the question whether the user has modified the file. It
> > > doesn't answer the question whether the packager has modified the
> > > shipped file between the two rpm package versions.
> >
> > But that's the question we should be asking ... right?
>
> No.
>
> There are 3 potential files involved:
>
> A: The original configuration as given by the installed package
> B: The installed configuration file (as modified by the user)
> C: The new configuration file.
>
> If B == A, rpm can safely replace the configuration file by C.
> If A != B, the user changed something, and the changes have to be ported
> forward by hand.
That's ... sort of my point. RPM only has to compare the existing hash in the
rpmdb, with that of the file currently on the disk. This doesn't need to care
about the new file at all ('C' doesn't appear in your 'if' conditions).
Now, if we see that the original file was unmodified (at least according to md5
AND timestamp / size) then we replace it, and don't need to care whether the
new file is different to the original.
If it's apparently changed, we're going to save it to one side (.rpmsave, or, if
it's a "noreplace" file, then save the new one as .rpmnew). Why do we need to
care whether the new config file has changed in the package, if the file has
been modified on disk? If it hasn't, just re-hash that file with your new hash
algorithm, and compare *that* with the new package's version of the file. If
you're worried there might be a hash collision with md5, but not with sha-xxx,
then always save the new file as .rpmnew, or something.
More information about the fedora-devel-list
mailing list