On Tue, Sep 8, 2009 at 5:30 PM, Davetdbtdb+centos@gmail.com wrote:
Here is a list of files that I have not (knowingly) modified that do not pass rpm verification immediately after I installed centos 5.3. I am not really sure what this means - are the packagers sending out sloppy rpms, or is something going around modifying stuff? Other than the texmf stuff, the list seems to consist entirely of config files. Does yum or rpm or something do some instant reconfiguring when a package gets installed? Maybe rpms have a post-install script that mods the config?
As you point out a file with a ' c ' is a configuration file. Processes, daemons, etc can update these files as needed. The printcap file gets updated by cups. The /var/log/mail/statistics file gets updated by mail...
If you want to know exactly what the file was at first, you could do a
rpm -qf 'fill in file name here' this will tell you hat RPM owned that file.
rpm -qf /etc/printcap setup-2.5.58-7.el5
I think texmf gets updated by a cron job
....L... c /etc/pam.d/system-auth S.5....T c /etc/xml/catalog S.5....T c /usr/share/sgml/docbook/xmlcatalog S.5....T c /etc/sysconfig/system-config-securitylevel .......T c /etc/modprobe.d/blacklist-firewire ..5....T c /usr/lib/security/classpath.security S.5....T c /usr/share/config/kdm/kdmrc S.5....T c /etc/printcap SM5....T c /etc/sysconfig/iptables-config #(mode is -rw-r--r-- 1 root root, seem okay) S.5....T c /var/log/mail/statistics .......T c /etc/audit/auditd.conf .M...... /var/lib/texmf/ls-R S.5....T /usr/share/texmf-var/fonts/map/dvips/updmap/builtin35.map S.5....T /usr/share/texmf-var/fonts/map/dvips/updmap/download35.map [snip ... lots more texmf stuff...] S.5....T /usr/share/texmf-var/web2c/pdfetex.fmt S.5....T /usr/share/texmf-var/web2c/pdftex.fmt S.5....T /usr/share/texmf-var/web2c/tex.fmt
How would I get a 'clean' copy of some of these files to do a diff? Figure out what rpm they're from (rpm -qf <filename>), then what repo the rpm came from, then go download a copy of the rpm by hand, extract the file. Maybe figure out if there is a post-install script and whether it does something.
Googling, I see lots of hits suggesting that 'yum info <packagename>' will show what repo it came from. Testing this on a couple of the packages above, I get 'Repo : installed'. Does that mean that the rpm came from the install CD?
Am I missing something, is there an easier way>?
mahalo, Dave _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos