Quick Tip: CentOS/Red Hat, sdiff, and .rpmnew files

This is a quick tip for CentOS and Red Hat sysadmins out there, in the hopes that it saves you some time!

After upgrading software recently on one of our CentOS servers, we ended up with a lot of ".rpmnew" files strewn about in /etc because of all the configuration updates. Curiously, a Google search turns up people suggesting the following options for dealing with them:

  1. Deleting the ".rpmnew" files in bulk, essentially discarding the configuration updates.
  2. Replacing the local configuration files with the ".rpmnew" version, essentially removing any local changes to the configuration and returning it to factory condition.
  3. Using diff -u to create a patch from the ".rpmnew" version, customizing the patch, and then applying the patch.

Basically, none of these options are good. Option 1 can cause your configuration not to match the latest version of the software you have installed, at best causing warning messages in log files, and at worst either opening you up to vulnerabilities or causing some software to stop functioning entirely. Option 2 causes you to lose all local customizations, which can be devastating if you've done something like performance-tune your MySQL or PHP configuration. Option 3 is just incredibly tedious and error-prone.

The good news is that there are two better solutions that people don't seem to mention as much.

Coming from Gentoo server administration, I take for granted that the package management system auto-merges configuration file changes, or guides the user through configuration changes with the trusty etc-update utility. Apparently, the yum-merge-conf plug-in to yum provides similar functionality. To install it, simply run yum install yum-merge-conf (it should be in the "base" repository).

As for dealing with the ".rpmnew" files you already have, sdiff is your friend here. Install it with yum install sdiff if it isn't already present. Here's an example of how to use it to update /etc/ssh/sshd_config:

bash# sdiff -o sshd_config.new /etc/ssh/sshd_config /etc/ssh/sshd_config.rpmnew
# $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk | # $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 mark
%r
...

The utility will guide you, change-by-change, through the updated configuration. To accept a change from the new configuration (on the right side), type "r" and press ENTER. To reject a change and keep the current configuration (on the left side), type "l" and press ENTER. When done, you might want to diff the new file (in this case, sshd_config.new) against the current configuration file on the system to verify that all the changes are acceptable, and then copy the new file over the old configuration file.
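The whole workflow above (find the pending .rpmnew files, see what changed, run the sdiff merge, put the reviewed result in place) is easy to wrap in a few shell functions. The script below is an added example and is not code from the original post; it assumes diff, cmp, find and sdiff are on PATH, and every path and file content used when exercising it is constructed. One detail the post glosses over is worth handling explicitly: sdiff -o creates <config>.new with your umask's default mode, so copying that file over a 0600 file such as sshd_config would loosen its permissions. The install step therefore replaces the contents of the live file in place instead of replacing the file.

```shell
#!/bin/sh
# Added helper (not from the original post): shell functions wrapping the
# .rpmnew merge workflow. Assumes diff, cmp, find and sdiff on PATH; all
# paths and sample contents in any usage are constructed and hypothetical.
set -eu

# List every pending .rpmnew under a directory, one path per line.
# Usage: list_rpmnew /etc
list_rpmnew() {
    find "$1" -type f -name '*.rpmnew' | sort
}

# Map a .rpmnew path to the live config it shadows.
# Usage: config_for /etc/ssh/sshd_config.rpmnew  ->  /etc/ssh/sshd_config
config_for() {
    printf '%s\n' "${1%.rpmnew}"
}

# Print a unified diff of the live config against the vendor version.
# Exit status follows diff: 0 = identical (nothing to merge), 1 = differs.
show_pending() {
    diff -u "$(config_for "$1")" "$1"
}

# Remove a .rpmnew only when it is byte-identical to the live config, so the
# bulk delete from option 1 is applied only where it is actually harmless.
# Returns 1 and leaves the file alone when a real merge is still needed.
drop_if_identical() {
    if cmp -s "$(config_for "$1")" "$1"; then
        rm -f "$1"
    else
        return 1
    fi
}

# The interactive step from the post: sdiff writes the merged result to
# <config>.new while the admin answers l/r at each % prompt.
merge_interactive() {
    conf=$(config_for "$1")
    sdiff -o "$conf.new" "$conf" "$1"
}

# Put a reviewed merge into place. The live file is backed up first, then its
# contents are rewritten in place (cat >) rather than the file being replaced,
# so the original mode and owner survive. Returns 0 when the live file now
# matches the reviewed merge byte for byte.
# Usage: install_merged /etc/ssh/sshd_config.new /etc/ssh/sshd_config
install_merged() {
    merged=$1
    target=$2
    backup="$target.bak.$(date +%Y%m%d%H%M%S)"
    cp -p "$target" "$backup"
    cat "$merged" > "$target"
    cmp -s "$merged" "$target"
}

# Stand-alone use: "sh rpmnew-helper.sh /etc" prints each pending merge.
if [ $# -gt 0 ]; then
    list_rpmnew "$1" | while read -r f; do
        printf '== %s\n' "$f"
        show_pending "$f" || true
    done
fi
```

Run it with a directory argument to get a report of every pending merge; call merge_interactive on one .rpmnew to drive sdiff, then install_merged once you are happy with <config>.new, and finally remove the .rpmnew by hand. drop_if_identical is the only deletion the script does on its own, and only when there is nothing to merge.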