RPM

chattr attrib on /etc/samba/smb.conf file during package update

Bug #651463 reported by Jeff Johnson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
RPM
New
Undecided
Unassigned
Fedora
Won't Fix
High

Bug Description

tracker

Tags: install yum rhel
Revision history for this message
In , Aaron (aaron-redhat-bugs) wrote :
Download full text (3.5 KiB)

Description of problem:

The /etc/samba/smb.conf file is set immutable. This need to be taken into account in the spec file when doing an update or remove action.

Version-Release number of selected component (if applicable):

All versions of samba-common on the RHEL5.x baseline that I can think of

How reproducible:

Steps to Reproduce:
1. Do a yum update on samba-common
2.
3.

Actual results:

[~]# yum update samba-common
Loaded plugins: changelog, downloadonly, kmod, protectbase, rhnplugin, security,
              : versionlock
0 packages excluded due to repository protections
Skipping security plugin, no data
Reading version lock configuration
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package samba-common.i386 0:3.0.33-3.15.el5_4.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package Arch Version Repository Size
================================================================================
Updating:
 samba-common i386 3.0.33-3.15.el5_4.1 rhel-i386-server-5 8.7 M

Transaction Summary
================================================================================
Install 0 Package(s)
Update 1 Package(s)
Remove 0 Package(s)

Total size: 8.7 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating : samba-common 1/2
Error unpacking rpm package samba-common-3.0.33-3.15.el5_4.1.i386
error: unpacking of archive failed on file /etc/samba/smb.conf: cpio: rename

Failed:
  samba-common.i386 0:3.0.33-3.15.el5_4.1

Complete!

Expected results:

root@CPK01R-02 ~]# yum update samba-common
Loaded plugins: changelog, downloadonly, kmod, protectbase, rhnplugin, security,
              : versionlock
0 packages excluded due to repository protections
Skipping security plugin, no data
Reading version lock configuration
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package samba-common.i386 0:3.0.33-3.15.el5_4.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package Arch Version Repository Size
================================================================================
Updating:
 samba-common i386 3.0.33-3.15.el5_4.1 rhel-i386-server-5 8.7 M

Transaction Summary
================================================================================
Install 0 Package(s)
Update 1 Package(s)
Remove 0 Package(s)

Total size: 8.7 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Tran...

Read more...

Revision history for this message
In , Aaron (aaron-redhat-bugs) wrote :

Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.

New Contents:
lsattr /etc/samba/smb.conf
----i-------- /etc/samba/smb.conf

chattr -i /etc/samba/smb.conf

yum update samba-common

chattr +i /etc/samba/smb.conf

Revision history for this message
In , Dmitri (dmitri-redhat-bugs) wrote :

The samba spec file has: %config(noreplace) %{_sysconfdir}/samba/smb.conf
so we think there is something wrong with how rpm is behaving in this case.

Revision history for this message
In , Panu (panu-redhat-bugs) wrote :

Hmm, interesting case. The deal here is that %config(noreplace) does not mean rpm will /never/ replace the file, it means rpm will not replace a /modified/ configuration file. As long as the config file is pristine from the package, rpm will update it, this is the intended and wanted behavior to allow packages to tweak their default configuration as long as user didn't customize it. It's just that rpm doesn't know anything about immutable files currently.

So here's the reproducer case into an empty chroot:
[root@dhcp102 rpm]# ./rpm -Uvh --root /home/test/ /home/pmatilai/rpmbuild/RPMS/noarch/conftest-1.0-1.noarch.rpm
Preparing... ########################################### [100%]
   1:conftest ########################################### [100%]
[root@dhcp102 rpm]# chattr +i /home/test/etc/boo.conf[root@dhcp102 rpm]# ./rpm -Uvh --root /home/test/ /home/pmatilai/rpmbuild/RPMS/noarch/conftest-1.0-2.noarch.rpm
Preparing... ########################################### [100%]
   1:conftest ########################################### [100%]
error: unpacking of archive failed on file /etc/boo.conf: cpio: rename failed - Operation not permitted
error: conftest-1.0-2.noarch: install failed
error: conftest-1.0-1.noarch: erase skipped

And the same with a modified config file:
[root@dhcp102 rpm]# ./rpm -Uvh --root /home/test/ /home/pmatilai/rpmbuild/RPMS/noarch/conftest-1.0-1.noarch.rpm
Preparing... ########################################### [100%]
   1:conftest ########################################### [100%]
[root@dhcp102 rpm]# echo foobar > /home/test/etc/boo.conf
[root@dhcp102 rpm]# chattr +i /home/test/etc/boo.conf
[root@dhcp102 rpm]# ./rpm -Uvh --root /home/test/ /home/pmatilai/rpmbuild/RPMS/noarch/conftest-1.0-2.noarch.rpm
Preparing... ########################################### [100%]
   1:conftest ########################################### [100%]
[root@dhcp102 rpm]#

Oh and I tend to agree, this isn't the most productive way of handling the situation, at least for %config files.

Revision history for this message
In , Panu (panu-redhat-bugs) wrote :

Just in case it's not obvious from between the lines of the above, the simple workaround to this issue is: If you dont want rpm to touch the config file, just modify it before making it immutable. Anything that changes the checksum of the file will do, such as adding a blank trailing line (which many, if not all config files accept):

# echo -e "\n" >> /etc/samba/smb.conf
# chattr +i /etc/samba/smb.conf

Jeff Johnson (n3npq)
tags: added: install rhel yum
Revision history for this message
In , Florian (florian-redhat-bugs) wrote :

While rpm trying to replace the file is not a bug a better error handling is desirable. But this is out of the scope of an RHEL5 update but needs some serious work upstream. Moved the issue to the upstream bugtracker:
http://rpm.org/ticket/860

Thanks for reporting!

Bug Watch Updater (bug-watch-updater)
Changed in fedora:
importance: Unknown → High
status: Unknown → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.