rpmconf -a

General support questions
Post Reply
kt53
Posts: 48
Joined: 2016/05/12 05:12:02

rpmconf -a

Post by kt53 » 2018/03/20 00:27:52

Greetings:

Code: Select all

$ uname -a
Linux euler 3.10.0-693.21.1.el7.x86_64 #1 SMP Wed Mar 7 19:03:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ 

Code: Select all

$ rpmconf -a
Configuration file `/var/lib/unbound/root.key'
-rw-r--r--. 1 unbound unbound  818 Aug  4  2017 /var/lib/unbound/root.key.rpmnew
-rw-r--r--. 1 unbound unbound 1250 Sep 24 20:06 /var/lib/unbound/root.key
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      M	    : merge configuration files
      Z     : background this process to examine the situation
      S     : skip this file
 The default action is to keep your current version.
*** aliases (Y/I/N/O/D/Z/S) [default=N] ? 
Your choice: 
$
What should my choice be?

Thanks
KT.

Milan Kerslager
Posts: 7
Joined: 2015/03/05 13:34:57

Re: rpmconf -a

Post by Milan Kerslager » 2020/05/03 19:58:54

If you answer N (no), there will be no change so it's safe. Use this if you don't know what to do and want to just see what's going on.
If you answer Y (yes), the file will be reverted to default (distribution version), your changes will be lost.

The tool is for tracking changes of config files through updates when those .rpmnew and .rpmsave are created to preserve your modifications.

The RPM package has config file with default configuration.
When you make change in config file and the package is updated, there could several possibilities:
1) updated package has the same config file -> nothing happens (your changes will be preserved)
2) updated package has new/different config and maintainers choose to (noreplace) -> new config file will be created as .rpmnew and your modified config stay as is
3) updated package has new/different config -> new config take a place and your modified config will be renamed to .rpmsave

This tool allows you to gather those files and compare default config with your changes (D - difference) and know what you changed and what is new in the config file (updated package could have new version of the program that needs/accepts new config directives).

Usually, no action is needed after normal system update. But when for example you upgrade from CentOS 7 to 8, there could be changes you need to track. This tool is for tracking those changes. See here: https://serverfault.com/questions/48776 ... -an-update or use Google.

tunk
Posts: 1205
Joined: 2017/02/22 15:08:17

Re: rpmconf -a

Post by tunk » 2020/05/03 21:48:00

Also, it looks like you have two years of accumulated security problems.
(And there is no upgrade path from 7 to 8.)

Milan Kerslager
Posts: 7
Joined: 2015/03/05 13:34:57

Re: rpmconf -a

Post by Milan Kerslager » 2020/05/04 06:07:13

tunk wrote:
2020/05/03 21:48:00
Also, it looks like you have two years of accumulated security problems.
(And there is no upgrade path from 7 to 8.)
I see no security implication with config file change. Or very rare, for example https://www.openssh.com/security.html
It's far better to monitor security advisories, for example RHEL: https://access.redhat.com/security/secu ... advisories

There is working upgrade path 7 to 8 (I did it for my own servers):
leap tool (RHEL, not adapted for CentOS): https://bugs.centos.org/view.php?id=16116
manual steps (CentOS): https://serverfault.com/questions/98547 ... 77#1014477

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: rpmconf -a

Post by TrevorH » 2020/05/04 09:14:36

I see no security implication with config file change
The security problem isn't with your config file change, it's the fact that you're massively out of date that's the security problem.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Milan Kerslager
Posts: 7
Joined: 2015/03/05 13:34:57

Re: rpmconf -a

Post by Milan Kerslager » 2020/05/04 09:28:48

TrevorH wrote:
2020/05/04 09:14:36
I see no security implication with config file change
The security problem isn't with your config file change, it's the fact that you're massively out of date that's the security problem.
CentOS 6 will be supported until 2020-11-30. I don't see the point still. Maybe there's no point, just misunderstanding.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: rpmconf -a

Post by TrevorH » 2020/05/04 09:35:13

It doesn't automatically upgrade itself and the kernel that is running there is more than 2 years out of date. That also means that the rest of the system is almost certainly out of date too. And it's not CentOS 6, it's 7.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Milan Kerslager
Posts: 7
Joined: 2015/03/05 13:34:57

Re: rpmconf -a

Post by Milan Kerslager » 2020/05/04 09:48:20

TrevorH wrote:
2020/05/04 09:35:13
It doesn't automatically upgrade itself and the kernel that is running there is more than 2 years out of date. That also means that the rest of the system is almost certainly out of date too. And it's not CentOS 6, it's 7.
The question is 2 years old and the person asked another question you answered. Also the kernel was only 14 days old at the time the question was asked, see:
https://www.redhat.com/archives/rhsa-an ... 00004.html

Post Reply