On Thu, Feb 06, Michael Hirmke wrote:
Hi,
[...]
So I change the defaults to suit my needs by dropping a file to /etc. Months later, the defaults change again. How do I see what are the new defaults, how do I notice that I have to change the file in /etc again?
that is my main concern.
I would really suggest to read the openSUSE wiki documentation, reading documentation really helps and saves more work than it is to read it. You have the distribution default in /usr/etc You have your own "change" in /etc. If we take login.defs as example: /usr/etc/login.defs uses for NIS DES. You create a file like /etc/login.defs.d/crypt.defs and changes the default to SHA512. You have in /etc/ only the variable with SHA512, nothing else. You can lookup everytime in /usr/etc/login.defs what the current default is. But you don't need to care. If you we look at it for Leap: You have /etc/login.defs You change the hash for NIS from DES to SHA512. We update that file. You get a *.rpmnew file, and until you notice this and fixes it, all changed password will use the insecure DES hash! This can not happen today on Tumbleweed anymore! And if we take the /usr/etc/services example: Your /etc/services file contains only your change, nothing more. If there is an update, you don't need to manual merge them, it's done automatically for you by glibc. Of course, you can copy /usr/etc/services to /etc/services and modify that. In this case, you can diff /etc/services against /usr/etc/services and you will get the same result as today by diffing /etc/services against /etc/services.rpmnew. No change, only other path. But this doesn't make much sense as you would get a lot of duplicate entries.
If I understood correctly, an rpm package should drop the config files to /usr/etc, while an admin or a distribution can save altered or own config files to /etc.
He should save the modified/new entries there, not a copy of the whole file!
Applications/services will follow nsswitch.conf and check /etc/whatever for existance. If the file is found, it will be used. If not, /usr/etc/whatever will be used.
No, completly wrong. If you use nsswitch.conf, it will be merged.
If this is correct, lets assume we have /usr/etc/whatever from whatever.rpm. Me as an admin copies that file to /etc and modifies everything which seems to be necessary for my system. The next update for whatever.rpm contains a change for /usr/etc/whatever - maybe security relevant or even crucial for the system to come up. On the next boot, whatever will still read and use /etc/whatever and will either fail or use unsecure settings.
If that would be the case (and most likely will for some applications and their configuration files in the future), you are right and the result is exaclty the same as today.
Will anything tell me, that I will run into this problem? zypper?
The problem is the same as today for you, absolut no difference. If there will be a change, we have ideas for a tool to display the changes. Which would mean, it's even in that case better than today! But up to now, it's not needed.
Because now I simply do:
meld /etc/configfile /etc/configfile.rpmnew
and instantly I see what is new and I can decide to use it or not, entry by entry.
Right!
meld /etc/configfile /usr/etc/configfile? Where's the problem? Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org