Description of Problem:
When using up2date to update sendmail and apache automatically, it destroys the current configuration [bug #29367 + bug #30302]. To prevent this I suggest putting these and other packages having config files marked %config only into an initial skip-list.

How Reproducible:
every time

Steps to Reproduce:
1. make changes to the apache/sendmail configuration
2. run up2date to update packages automatically
3. wait for updated packages

Actual Results:
- boss phones, asking why emails don't arrive and why we have such a funny webpage
- crackers are happy because they now have access to http://.../secret-stuff, formerly prevented by our manual configuration

Expected Results:
no automatic update: We can download packages manually, shut down the machine, call 'rpm -U sendmail/apache*' and 'mv /etc/sendmail.cf{.rpmsave,}' or 'mv /etc/httpd/conf/httpd.conf{.rpmsave,}', restart net & services and everybody except the cracker is happy.

Additional Information:
this bug report can contain some sarcasm and the problems should probably be solved by the other packages.

We are looking at the packages which should be included by default in the package listing, but in the meantime, you can always run 'up2date --config' and add sendmail, apache and any other packages that you would like to the exclusion list.
I have no problem with 'up2date' because I don't run auto-update on production machines. But other people who are doing it will run into trouble. The first time they get a misconfigured system from up2date and phone calls from their boss, they will probably call 'up2date --config' or change the distribution. To prevent such nasty incidents, at least the named packages should be in an initial skip-list of 'up2date'.
The up2date behaviour is designed to mimic default rpm handling of config files, with the exception of the case:

    oldpackage has %config file with default md5sum of valueA
    newpackage has %config file with default md5sum of valueB
    The version of the config file ondisk has md5sum of valueC

in which case up2date will refuse to update the package by default, since the config has been modified, but, since the md5sum of the default config file in the new package changed, we have to assume the config file format changed and the old modified ondisk file may not be valid with the update. In other words, up2date doesn't know which version to use, and punts.

In this case, bug #29367 seems to indicate a packaging problem in the sendmail rpm (at least, according to the reports), but the behaviour of #30302 seems to be acting correctly. It appears that the default version of the config files changed, so they were updated by rpm to the new versions. If the config files were modified, the new ones should get installed as .rpmnew. Investigating further...
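
The three-checksum comparison from the last comment, written out as a decision function. This is an added example, not code from up2date or rpm: the function names and sample config contents are constructed, the rpm branch follows rpm's documented %config / %config(noreplace) handling, and the up2date branch follows the comment above.

```python
import hashlib
from enum import Enum


class Action(Enum):
    REPLACE = "new default is written; no local edits exist to lose"
    KEEP = "on-disk file is left alone"
    RPMSAVE = "new default installed, edited file moved to <path>.rpmsave"
    RPMNEW = "edited file kept, new default written to <path>.rpmnew"
    UP2DATE_SKIP = "up2date refuses to update the package by default"


def md5(data: bytes) -> str:
    """Checksum in the form rpm records for each packaged file."""
    return hashlib.md5(data).hexdigest()


def rpm_config_action(value_a: str, value_b: str, value_c: str,
                      noreplace: bool = False) -> Action:
    """value_a: default in old package, value_b: default in new package,
    value_c: file currently on disk."""
    if value_c in (value_a, value_b):
        # Never edited, or already identical to the new default.
        return Action.REPLACE
    if value_a == value_b:
        # Edited locally, but the packaged default did not change.
        return Action.KEEP
    # Edited locally AND the packaged default changed.
    return Action.RPMNEW if noreplace else Action.RPMSAVE


def up2date_action(value_a: str, value_b: str, value_c: str,
                   noreplace: bool = False) -> Action:
    """Same as rpm, except the three-way mismatch is skipped by default."""
    if value_a != value_b and value_c not in (value_a, value_b):
        return Action.UP2DATE_SKIP
    return rpm_config_action(value_a, value_b, value_c, noreplace)


if __name__ == "__main__":
    # Constructed sample contents standing in for three httpd.conf versions.
    a = md5(b"# default shipped in old package\n")
    b = md5(b"# default shipped in new package\n")
    c = md5(b"# default shipped in old package\nDeny from all\n")
    for name, args in [("unmodified", (a, b, a)), ("edited, same default", (a, a, c)),
                       ("edited, new default", (a, b, c))]:
        print(f"{name:22} rpm: {rpm_config_action(*args).name:8} "
              f"up2date: {up2date_action(*args).name}")
```

The RPMSAVE outcome is the one the reporter undoes with 'mv /etc/httpd/conf/httpd.conf{.rpmsave,}'; with %config(noreplace) the edited file stays in place instead.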