Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Thu, 2010-01-07 at 16:31 +1030, Tim wrote: On Wed, 2010-01-06 at 17:40 +1100, Cameron Simpson wrote: The best approach is usually to identify your own change, make the same change in the .rpmnew file, then mv the .rpmnew file into place. What about SELinux issues when you mv instead of create new files? I conjecture that it's not a problem in this case, as the perms are the same for the new and old files: $ ls -lZ /etc/login.defs* -rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/login.defs -rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/login.defs.rpmnew -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Thu, 2010-01-07 at 08:28 -0500, Matthew Saltzman wrote: On Thu, 2010-01-07 at 16:31 +1030, Tim wrote: On Wed, 2010-01-06 at 17:40 +1100, Cameron Simpson wrote: The best approach is usually to identify your own change, make the same change in the .rpmnew file, then mv the .rpmnew file into place. What about SELinux issues when you mv instead of create new files? I conjecture that it's not a problem in this case, as the perms are the same for the new and old files: $ ls -lZ /etc/login.defs* -rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/login.defs -rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/login.defs.rpmnew Should also have pointed out that running restorecon after mv would solve any such problems, at least for these system files. -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On 06Jan2010 01:50, Marcel Rieux m.z.ri...@gmail.com wrote: | On Wed, Jan 6, 2010 at 1:40 AM, Cameron Simpson c...@zip.com.au wrote: | On 06Jan2010 00:24, Marcel Rieux m.z.ri...@gmail.com wrote: | | This message was issued while updating shadow-utils today. The weird thing is: | | | | ls -l /etc/login.defs.rpmnew | | -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew | | | | I did a research both on the fedoraproject and redhat sites and | | there's nothing about what to do with this warning. | | This normally means that /etc/login.defs was not exactly as it was | originally installed. | | I didn't change it. Is it possible that a program changed it? Sure, though I'd imagine unlikely. It might also be a permissions change; I don't know how picky rpm/yum is about this. | It's getting really late, here. I kept the odl file and I'll check tomorrow. Cheers, -- Cameron Simpson c...@zip.com.au DoD#743 http://www.cskk.ezoshosting.com/cs/ There is no reason anyone would want a computer in their home. --Ken Olson, president, chairman and founder of Digital Equipment Corp., 1977 -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Wed, Jan 6, 2010 at 1:06 AM, Ed Greshko ed.gres...@greshko.com wrote: Marcel Rieux wrote: This message was issued while updating shadow-utils today. The weird thing is: ls -l /etc/login.defs.rpmnew -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew I did a research both on the fedoraproject and redhat sites and there's nothing about what to do with this warning. Can somebody explain? These files (.rpmnew) are created when the default settings/information change. They are also created to prevent over-writing configuration files that may have been changed by the administrator of the system. If you did a diff on those files you'd find out that the lines: # Use MD5 or DES to encrypt password? Red Hat use MD5 by default. MD5_CRYPT_ENAB no I had: # Use MD5 or DES to encrypt password? Red Hat use MD5 by default. MD5_CRYPT_ENAB no ENCRYPT_METHOD SHA512 So, the new file really doesn't change anything since encription was already SHA512. If the defautl is MD5, maybe I changed this in an interface. I don't remember. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Wed, Jan 6, 2010 at 6:29 AM, Cameron Simpson c...@zip.com.au wrote: On 06Jan2010 01:50, Marcel Rieux m.z.ri...@gmail.com wrote: | On Wed, Jan 6, 2010 at 1:40 AM, Cameron Simpson c...@zip.com.au wrote: | On 06Jan2010 00:24, Marcel Rieux m.z.ri...@gmail.com wrote: | | This message was issued while updating shadow-utils today. The weird thing is: | | | | ls -l /etc/login.defs.rpmnew | | -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew | | | | I did a research both on the fedoraproject and redhat sites and | | there's nothing about what to do with this warning. | | This normally means that /etc/login.defs was not exactly as it was | originally installed. | | I didn't change it. Is it possible that a program changed it? Sure, though I'd imagine unlikely. It might also be a permissions change; I don't know how picky rpm/yum is about this. It's chmoded group and user readable, which is not really necessary but doesn't change much, I suppose. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On 06Jan2010 09:41, Marcel Rieux m.z.ri...@gmail.com wrote: | | This normally means that /etc/login.defs was not exactly as it was | | originally installed. | | I didn't change it. Is it possible that a program changed it? | Sure, though I'd imagine unlikely. It might also be a permissions | change; I don't know how picky rpm/yum is about this. | | It's chmoded group and user readable, which is not really necessary | but doesn't change much, I suppose. rpm has some verify options. See the VERIFY OPTIONS section of man rpm. Run it against login.defs and see what's different. -- Cameron Simpson c...@zip.com.au DoD#743 http://www.cskk.ezoshosting.com/cs/ It's better, when you're racing with someone you don't know so well, to stick to the inside line - it's easier to avoid the bits. - Barry Sheene, bike GP commentator -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Thu, 2010-01-07 at 08:29 +1100, Cameron Simpson wrote: On 06Jan2010 09:41, Marcel Rieux m.z.ri...@gmail.com wrote: | | This normally means that /etc/login.defs was not exactly as it was | | originally installed. | | I didn't change it. Is it possible that a program changed it? | Sure, though I'd imagine unlikely. It might also be a permissions | change; I don't know how picky rpm/yum is about this. | | It's chmoded group and user readable, which is not really necessary | but doesn't change much, I suppose. rpm has some verify options. See the VERIFY OPTIONS section of man rpm. Run it against login.defs and see what's different. $ rpm -qVf /etc/login.defs ... S.5T. c /etc/login.defs ... $ ls -l /etc/login.defs* -rw-r--r--. 1 root root 1524 2009-11-29 11:42 /etc/login.defs -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew $ diff /etc/login.defs* 56,57c56,57 # Use MD5 or DES to encrypt password? Red Hat use MD5 by default. MD5_CRYPT_ENAB no --- # Use SHA512 to encrypt password. ENCRYPT_METHOD SHA512 59d58 ENCRYPT_METHOD SHA512 $ rpm -qif /etc/login.defs Name: shadow-utils Relocations: (not relocatable) Version : 4.1.4.2 Vendor: Fedora Project Release : 2.fc12Build Date: Wed 18 Nov 2009 09:00:37 AM EST Install Date: Tue 05 Jan 2010 07:08:49 PM EST Build Host: x86-5.fedora.phx.redhat.com Group : System Environment/Base Source RPM: shadow-utils-4.1.4.2-2.fc12.src.rpm Size: 2700852 License: BSD and GPLv2+ Signature : RSA/8, Thu 26 Nov 2009 02:44:54 AM EST, Key ID 9d1cc34857bbccba Packager: Fedora Project URL : http://pkg-shadow.alioth.debian.org/ Summary : Utilities for managing accounts and shadow password files So the old version is newer than the new version. I've never touched that file, so it's not because the old one was changed from the distribution version (at least not intentionally). -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu http://www.math.clemson.edu/~mjs -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Wed, 2010-01-06 at 17:40 +1100, Cameron Simpson wrote: The best approach is usually to identify your own change, make the same change in the .rpmnew file, then mv the .rpmnew file into place. What about SELinux issues when you mv instead of create new files? -- [...@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
Marcel Rieux wrote: This message was issued while updating shadow-utils today. The weird thing is: ls -l /etc/login.defs.rpmnew -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew I did a research both on the fedoraproject and redhat sites and there's nothing about what to do with this warning. Can somebody explain? These files (.rpmnew) are created when the default settings/information change. They are also created to prevent over-writing configuration files that may have been changed by the administrator of the system. If you did a diff on those files you'd find out that the lines: # Use MD5 or DES to encrypt password? Red Hat use MD5 by default. MD5_CRYPT_ENAB no were removed. If you had made changes to the original login.defs file you can make the changes to login.defs.rpmnew and replace the original login.defs with it. If you didn't make any changes you can simply replace the login.defs with login.defs.rpmnew. FWIW, typing howto handle rpmnew files as a google search would have found several articles to read -- His mind is like a steel trap: full of mice. -- Foghorn Leghorn Guess Who! http://tinyurl.com/mc4xe7 signature.asc Description: OpenPGP digital signature -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On 06Jan2010 00:24, Marcel Rieux m.z.ri...@gmail.com wrote: | This message was issued while updating shadow-utils today. The weird thing is: | | ls -l /etc/login.defs.rpmnew | -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew | | I did a research both on the fedoraproject and redhat sites and | there's nothing about what to do with this warning. This normally means that /etc/login.defs was not exactly as it was originally installed. Because you, the sysadmin, may have modified it instead of overriding the login.defs file and destroying your changes, it writes the new login.defs file to login.defs.rpmnew. Now you should diff the two files and decide that to keep. The best approach is usually to identify your own change, make the same change in the .rpmnew file, then mv the .rpmnew file into place. -- Cameron Simpson c...@zip.com.au DoD#743 http://www.cskk.ezoshosting.com/cs/ There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences. - P.J. O'Rourke speaking to the Cato Institute Washington DC, May 6, 1993 -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Wed, Jan 6, 2010 at 1:06 AM, Ed Greshko ed.gres...@greshko.com wrote: If you had made changes to the original login.defs file you can make the changes to login.defs.rpmnew and replace the original login.defs with it. If you didn't make any changes you can simply replace the login.defs with login.defs.rpmnew. Ok. So, now, after copying, sha512 is enabled. Thanks! -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: /etc/login.defs created as /etc/login.defs.rpmnew
On Wed, Jan 6, 2010 at 1:40 AM, Cameron Simpson c...@zip.com.au wrote: On 06Jan2010 00:24, Marcel Rieux m.z.ri...@gmail.com wrote: | This message was issued while updating shadow-utils today. The weird thing is: | | ls -l /etc/login.defs.rpmnew | -rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew | | I did a research both on the fedoraproject and redhat sites and | there's nothing about what to do with this warning. This normally means that /etc/login.defs was not exactly as it was originally installed. I didn't change it. Is it possible that a program changed it? It's getting really late, here. I kept the odl file and I'll check tomorrow. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines