http://bugzilla.suse.com/show_bug.cgi?id=1162277 http://bugzilla.suse.com/show_bug.cgi?id=1162277#c1 --- Comment #1 from Christian Boltz --- Hmm, interesting[tm]. The nscd profile has #include and abstractions/nameservice has # libtirpc (used for NIS/YP login) needs this /etc/netconfig r, (sidenote: this will become "/{usr/,}etc/netconfig r," with one of the next tumbleweed snapshots) Therefore I'm surprised that you needed to add "/etc/netconfig r," because it is already in abstractions/nameservice. Can you please check - if you have any *.rpmnew files in /etc/apparmor.d/ or its subdirectories - run rpm -V apparmor-profiles apparmor-abstractions to check for modified files -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=1162277 http://bugzilla.suse.com/show_bug.cgi?id=1162277#c2 Martin Wilck changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID Flags|needinfo?(martin.wilck@suse | |.com) | --- Comment #2 from Martin Wilck --- Indeed, I had /etc/apparmor.d/abstractions/nameservice.rpmnew. And actually, I've had this file for 3 years: 2016-11-25 09:04:50|command|root@apollon.suse.de|'zypper' 'up'| # 2016-11-25 09:04:53 apparmor-abstractions-2.10.1-5.1.noarch.rpm installed ok # Additional rpm output: # warning: /etc/apparmor.d/abstractions/nameservice created as /etc/apparmor.d/abstractions/nameservice.rpmnew # redirecting to systemctl reload apparmor.service # 2016-11-25 09:04:53|install|apparmor-abstractions|2.10.1-5.1|noarch||openSUSE-20160701-0|07801683ccd90ddec1516349e68fc0935a68d94a| I swear I've never touched that file consciously. I never new it even existed, in particular not in 2016 when I was still a novice TW user. But yeah, I must have ignored these messages for some time. My bad, then. Maybe I made a mistake back then, by running "zypper up" rather than "dup"? The bug can be closed, sorry. Strange though: I also have apollon:/etc/apparmor.d # rpm -V apparmor-profiles S.5....T. c /etc/apparmor.d/usr.sbin.nscd (because I added the netconfig line on Friday) but I have no "rpmnew" file for this. "zypper in --force apparmor-profiles" doesn not change the situation, still wrong hash, no .rpmnew file. I had to delete the file and reinstall apparmor-profiles. Is that expected? -- You are receiving this mail because: You are on the CC list for the bug.

http://bugzilla.suse.com/show_bug.cgi?id=1162277 http://bugzilla.suse.com/show_bug.cgi?id=1162277#c4 --- Comment #4 from Martin Wilck --- (In reply to Christian Boltz from comment #3)

The files in /etc/apparmor.d/ are packaged as "%config(noreplace)", therefore getting *.rpmnew files is not too surprising. However, I'm - like you - surprised that this happened for a file you never touched. AFAIK rpm should silently replace unmodified files with their newer version.

Perhaps I touched the file unknowingly or just forgot about it, it was 3y ago, no clue. What I observed when I checked your suggestion: Warnings about "rpmnew" or "rpmsave" files are visible in /var/log/zypp/history, but not on the command line. So they aren't actual warnings for the end user. This was on current TW.

...

apollon:/etc/apparmor.d # rpm -V apparmor-profiles S.5....T. c /etc/apparmor.d/usr.sbin.nscd

(because I added the netconfig line on Friday)

but I have no "rpmnew" file for this.

You'll need to ask a rpm expert, but my _guess_ is that rpm only creates the *.rpmnew file if the to-be-installed file has a different md5(?)sum that the file in the already installed package (as listed in the rpm database).

The "S.5....T." above indicates that the MD5sum was indeed wrong. Whatever. -- You are receiving this mail because: You are on the CC list for the bug.