rpm5 package verification and md5sum of config files
Adam Osuchowski
adwol at zonk.pl
Mon Oct 22 14:45:10 CEST 2012
Jan Rękorajski wrote:
> Quick question, does passing '--nohmacs' option give the same effect as
> your patch to lib/verify.c? In that case we could just make it default
> and add '--hmacs' option.
No. --nohmacs option disables checking hmac entirely even for truly
modified files (with hmac verify flag set). For example, I have modified
my /etc/bashrc file:
# rpm -q --qf '[%{filemd5s} %{filenames}\n]' bash | grep /etc/bashrc ; md5sum /etc/bashrc
95bd580c005792a58362fec41c14615a /etc/bashrc
82e47e6fbf2fa5b0d9401e8b989ffb72 /etc/bashrc
so `rpm -V' should show this file was modified (and this file only), but:
# rpm -V bash
..5..... c /etc/bashrc
..5..... c /etc/skel/.bash_logout
..5..... c /etc/skel/.bash_profile
..5..... c /etc/skel/.bashrc
# rpm -V --nohmacs bash
#
More information about the pld-devel-en
mailing list