Re: postinstall wiped out my /etc/rc changes

To: "Steven M. Bellovin" <smb%cs.columbia.edu@localhost>
Subject: Re: postinstall wiped out my /etc/rc changes
From: Greg Troxel <gdt%ir.bbn.com@localhost>
Date: Mon, 05 May 2008 13:05:11 -0400
"Steven M. Bellovin" <smb%cs.columbia.edu@localhost> writes:

> On Sat, 03 May 2008 09:52:17 -0400
> Greg Troxel <gdt%ir.bbn.com@localhost> wrote:
>
>>   I think it's more complex than that.  It isn't obvious -- at least
>> not to me -- which files in /etc are "owned" by the system (and hence
>> are fair game for auto-replacement), and which are owned by the
>>   administrator.  (I raised similar questions a few months ago about
>> the power management scripts.)  We need a clear, clean way to make
>> that distinction, and to make it obvious to the community.
>> 
>> See pkgsrc/sysutil/etcmanage.  The rule there is that a file is owned
>> by the system if it is marked automatically managed and is unmodified
>> from when it was marked (hash registered in db).  I've been updating
>> many systems with this for years with no surprises.
>> 
> Right, but how does it keep straight which files are automatically
> managed?  Hard-wired?  How does it track different versions of NetBSD?

A file is automatically managed iff there is a database entry
(/var/db/etcmanage.db) for it.  If the recorded md5sum matches the file,
it can be replaced.  So a file can be unregistered, registered and
matching, and or registered and not matching.

My system's database is appended.

The only hard part is bootstrapping.  One can look at each file in /etc
and decide if it has local changes, and if not 'etcmanage --add
/etc/foo'.  Or, one could use 'etcmanage --generate-manifest' on an
unpacked etc set, and then 'etcmanage --import' with that manifest in
order to register any file that matches the set.  Ideally this would get
integrated and the installer would do this.

Every time I upgrade, I unpack the etc sets (and xetc) and do

etcmanage -up /usr/netbsd-etc

This looks at each file in /usr/netbsd-etc and copies it into /etc if it
doesn't exist, or if it does exist and is registered and unmodified.  If
a file is registered and unmodified, and doesn't exist in /etc, it's
removed.  Of course, all the right registration and md5sum records are
maintained correctly.

So the only real rub is that to start off you have to have the original
etc bits you started with.  In practice, you can import from a bunch of
different manifests, and then adjust by hand (with --add).  The basic
rule is that if a file in /etc matches exactly that same file from any
previous version of NetBSD, it's fair game for automatic updating.  But
this rule is only invoked when doing --import from a bunch of manifests.
I use "etcmanage --unmanaged" to show files that aren't registered.

I have been living this way for years, and it's second nature.  But I
have found that every time I try to explain it people think it's hard,
so I suspect I'm always failing to be adequately clear.

etcmanage has some warts; I have fixed the warts that annoy me more than
the fix time and here is what remains:

  doesn't make new dirs (e.g., /etc/bluetooth)

  has to be run multiple times because modifying db while iterating
  doesn't work straightforwardly




Here's my system's database (from etcmanage --print).

/etc/ld.so.conf e7a00b98707a3c23d937c6e46d81d7be
/etc/skeykeys d41d8cd98f00b204e9800998ecf8427e
/etc/mail.rc 8df9202825a40f47587a5dd8cee52031
/etc/X11/lbxproxy/AtomControl 5d5340a22cad1a4728b6e0cc3ac39ab2
/etc/X11/rstart/config cbeddaddffa1697811b772baf8dcc20c
/etc/X11/rstart/commands/ListGenericCommands 990244465726f0f0253167b9bc548d51
/etc/X11/rstart/commands/x11r6/LoadMonitor 6c85958e27ab270430fb231215ad6b0d
/etc/X11/rstart/commands/x11r6/@List 2f8c5da2a627177e87e6ff462e769df6
/etc/X11/rstart/commands/x11r6/Terminal 6eb40925388edfe891d94845e46866ff
/etc/X11/rstart/contexts/default 6464dd06f101fdd425138f28fb2ccca0
/etc/X11/twm/system.twmrc 6581e5931920502219f12f0225146a04
/etc/X11/xdm/Xresources 19fd5feeb7c3223626d8e0140fed48e2
/etc/X11/xdm/Xservers.fs 9dd2d6683862939e2cb7f41ca51cfe62
/etc/moduli 085771ebb2b6cfe60b84ad094de0788a
/etc/passwd.conf 6375abfd47b094d9746fcfd0cd9579a7
/etc/rc.d/apmd 321b4fd816b84f78cc56b8c8e83d54f0
/etc/rc.d/isdnd 35b2dc2f4bc0aae6e3521d18090fe04e
/etc/rc.d/ndbootd 7e0574f9cfc613f4bdf5693ebc2603aa
/etc/rc.d/rwho f5459aa8cfdc90fbc29eb232dc6d7edb
/etc/skel/.logout 940a013597682f1f72dd51417537e5e3
/etc/rc.d/sshd bfa3a07733507a09afbb17f14b085ad1
/etc/rc.d/pflogd 502368ee31462eb87686a343c3f99c3f
/etc/rc.d/NETWORKING b31afb705f390f16eeeb596e8d70b83c
/etc/rc.d/mountall 3389770a90612ab5c96fb5115d22ffa8
/etc/rc.d/ypbind b76bbb12fea715b617ded3a90dd318e2
/etc/rc.d/ldconfig cdc15bf35ea9a91481b2e717bfadb36a
/etc/defaults/monthly.conf 9ebc0356d1241ce54d1cce87a8c0a2be
/etc/rc.d/ipnat 2386efea38bba3e7a773771ef0731daf
/etc/disktab 99adc0553d875d4a2babb645ee23eaa4
/etc/rc.d/sysctl 75656b268b63f5512bfd1a27529d3e6a
/etc/pam.d/imap aba74c390087f65cfdc0a822db1de690
/etc/rc.d/cgd d962beb589a28baa18f3181e786ab881
/etc/rc.d/ftpd 4497af32e2eaad292ef32bcb71c5e844
/etc/pam.d/login 06085d12bedd539b2a3c960c8c34bdea
/etc/lkm.conf e6fd6bafee031e6eafe6f8134caabe61
/etc/rc.d/inetd 38f21fcf6f09ed574c1add3ddef5f4f8
/etc/rc.d/rpcbind 6b6767952810a5518e490339f386dcaa
/etc/pf.os 12f9c69c57f43cb409345a24a93a366c
/etc/rc.d/kdc 842bdcb6534665d79a2dfb223041ec87
/etc/rc.d/racoon e19b6806906ff5e16a10d8a3af8234ac
/etc/pam.d/xdm 810ab03796bd21e0b9c63e0dd466b957
/etc/rc.d/lpd 8619b5d81e8eb64988212d7ea9ad0d90
/etc/rc.d/altqd 7ad08fd55a5ed8efd4344b9bc6185809
/etc/postfix/README 9c320d06eb61c1dd8d1342905827092c
/etc/pam.d/rexecd 26e8374ee931d7f9a6a5c8fb858c725a
/etc/pam.d/rsh f961bf23cbe0b5dd02676e035dad9c8f
/etc/rc.d/nfslocking 5bc82677678fe67229f8d6f365f9c6b8
/etc/rc.d/ntpdate e35cf9743b14bd2c89af08149cc895b1
/etc/rc.d/ppp 6f8ee57f47dc660cf785ede1a9289097
/etc/rc.d/raidframeparity b3803b553677662ff7c0b472fcc16599
/etc/changelist ca31349c075d7e176f85849d538cefa6
/etc/rc.d/dhcrelay 14ef14ec802f09b7089ff8be2861f3c9
/etc/rc.d/rbootd fcfbed9cb04d3b64c76f136a65b936a7
/etc/rc.d/fixsb 806db942b89fa4fe6f3d9775d72d6c83
/etc/rc.d/ifwatchd c330388e343db94988f2b0d486c4f588
/etc/rc.d/dmesg c3720b258d9f0c69594403c56cc78d8c
/etc/rc.d/wdogctl d64559341f541c9e61bd0d893d8cf03d
/etc/rc.d/mrouted c3a44c65df20c36b3c6ee32e3f72376e
/etc/rc.d/cron 58580ff78d299fb3ae69bf0d379009ad
/etc/defaults/daily.conf 43cdae4c98a5135eafee9328561c737b
/etc/rc.d/ntpd 52f1eb8e97db6c4403fd2a4d409a86f3
/etc/rc.d/screenblank c87ea8ed21365b45511c471881fdaeea
/etc/rc.d/quota 2929ea47226ef905c3c443ef5c77cadd
/etc/rc.d/pf 54f02adfbf5f8360e7f7645831704b5c
/etc/security.conf 8e29964d7292946cf1e3a724e4f7c639
/etc/rc.d/bootparams 4e01b0807589296ca363a0720c90a01d
/etc/rc.d/savecore 01f7b1167147f3d4083b0f0064e9f754
/etc/pf.conf dca1f52b2ab40365f4cc4e74830c1e31
/etc/rc.d/ccd e8bc0a075d8d283877e7a47351c55fce
/etc/gettytab 6551f6daed53fe5e19a5c76240d9028c
/etc/csh.logout b06c70159f90d1add831bd9526dda2e1
/etc/locate.conf 1b3bf4567d13abba823685efe92a6f4a
/etc/rbootd.conf 02e0d2be7843fde7b845fb0a5864ced4
/etc/pam.d/system 327c9e312ce9be26504dd6946a56fcfd
/etc/pam.d/xserver 139c78dd776ff2fafab632712d41dcf5
/etc/rc.d/network ca062cbb3ce721810e3e3636538c7a95
/etc/rc.d/DAEMON 3e89e44b3b84a9667559fa095ca5234d
/etc/rc.d/SERVERS 8fd8d4c8cfe715c56655c7dfcda8841b
/etc/rc.d/identd 07b48ffb79da4288fc39e99d627f80e4
/etc/rc.d/ipsec a549117512fed15b31a4bfe90c0389d3
/etc/rc.d/mopd 7ce5285e3e399d0850385e0233cb3e2a
/etc/rc.d/motd 3f4459f1a67cc408f8530da3fd40f5f4
/etc/rc.d/root 57a92b3e819497edf4c6fc73e5e020b2
/etc/rc.d/swap1 83451ccad568e38d65e7e807a7220ad8
/etc/rc.d/ttys 54e9045607de0a3167fed21adf8443b6
/etc/rc.d/downinterfaces d788c373b13c4b243d80030f9f698265
/etc/rc.d/ipfs b245c0aff58b8bceddd2d6b97af8e7e0
/etc/rc.d/lkm2 3619065d1cc5948d6feb943faaf120b8
/etc/postfix/main.cf ad8b7339190daac47a7a776bf520cdf6
/etc/ftpusers 1152a958091d73777aad5060cd3f9a34
/etc/man.conf ed81fcb0fb5f42e3654737ae6bf918c9
/etc/iscsi/targets d513eeae45eeae662078acfc3b2de196
/etc/rc.d/btconfig 161845c86765612fa831ce5bf2def705
/etc/rc.d/bthcid 90dcb26225458bc0df8e47cf8cc12c61
/etc/bluetooth/hosts cb9f08490e388f58021ed3d4a5926025
/etc/bluetooth/protocols 2c95fd48a65e64dfe7cbf8e1576b2444
/etc/defaults/weekly.conf c16dbce6c11fac672c46a9dcb166b55c
/etc/rc.d/rtsold 506f9e5daa5176ad8ea839cb6f886fb2
/etc/ssh/ssh_config 54c79e1300b7a9319c9521dc1cf39ad2
/etc/rc.d/mountcritlocal c5f9384478b6c7844bb2c853802fb590
/etc/rc.d/cleartmp 61d2aca4d685340e9d8b5177ed48bcf0
/etc/services 1f709edfe2d3e19672688b6b372be336
/etc/skel/.shrc ed43595f0c94b676cd594282a9e0120b
/etc/shrc 43e8c559cc47d74901b91ebfd056381e
/etc/powerd/scripts/acadapter 3574a01b498b53be76d980e0ff25f027
/etc/rc.d/wpa_supplicant f52e8b13f5b7b610febd94a719e30c33
/etc/mtree/set.xetc 47219e9e01b76cd7b6e081e05a928418
/etc/rc.d/mixerctl dbda942a5cb59072e5c00029cbf0fd0a
/etc/rc.d/amd d4fd50a0d5b5350a95b870d447556ef0
/etc/postfix/post-install f1c16c206e45f4a9cd8b837c0b565802
/dev/MAKEDEV f65fe1cc412823ebeb93eb6f3cf299da
/etc/rc.d/btdevctl 1ba2846bfb7bbb96e4649277b42f881a
/etc/mtree/NetBSD.dist 4520fbcd8b5ad169e8ece51afa7e15b4
/etc/security 285ab0e4d0c896b1f1ca1672dbb35313
/etc/namedb/root.cache 970666d704084cf1c826130259e0cade
/etc/defaults/rc.conf 84d3bd60fa2677f848b82e53ddf72cf0
/etc/mtree/set.etc f7776faaa4a128b5c3688a01b0bbc2e4
/etc/hosts.equiv 0a1f21a3417389e0c0a13392c79a7a89
/etc/rmt 6e77126b6f9a2a266c8ebaeff1c85b55
/etc/X11/fs/config ff60773c02ce23981ecc8dc64e5debed
/etc/X11/proxymngr/pmconfig 05a8b12bc0d5d574c2773f3a96eb5892
/etc/X11/rstart/commands/ListContexts 47dd38a3e578e28ba8178717f88d436b
/etc/X11/rstart/commands/@List 3136f73ea92f9d0713fab87b43e115d7
/etc/X11/rstart/contexts/x 174129bc1808a25de42b047feb88782b
/etc/X11/rstart/contexts/x11 174129bc1808a25de42b047feb88782b
/etc/X11/rstart/contexts/@List 462ceaab24460a7650c1c7dd08f7d7f1
/etc/X11/rstart/contexts/x11r6 174129bc1808a25de42b047feb88782b
/etc/X11/xdm/Xservers 3e23ca76ef668d5e97034b126a40c046
/etc/X11/xdm/GiveConsole c5d788f4a3c3a4b267e5c74bd49e8b76
/etc/X11/xdm/TakeConsole 10c037f9abc3575dcf5c11e22b35bbe4
/etc/X11/xdm/Xaccess c2b9364dea303ac136d88223ad6dc140
/etc/X11/xdm/Xservers.ws 3e23ca76ef668d5e97034b126a40c046
/etc/X11/xdm/Xsetup_0 61b058cf163afebd427aedb77074f308
/etc/X11/xdm/Xwilling 5aec82ec5555f912e050a02f84d8d572
/etc/X11/xinit/xinitrc 45bf14ffb90c48ddbceead36123faa74
/etc/X11/xserver/SecurityPolicy 5e63f298721bdd4062d3c66967df99ba
/etc/X11/xsm/system.xsm 2f4e2377a2862ec6bfc9b9dc8cf1172d
/etc/X11/xdm/xdm-config 3db4e9aafd8c004f3f305629a09e0d79
/etc/dm.conf 483b4bf425ad21422dfa6cc1bf60c751
/etc/phones 32e6802f9e85844de397a0c0aff0819b
/etc/rc.d/LOGIN 7209a7ad064c0aa33d6bd1f15a493ea0
/etc/rc.d/newsyslog 7da61523f4079fc2b5eabd83ef4571cc
/etc/rc.d/securelevel 380c10776bea2ba0e3441b50de9ca2d4
/etc/namedb/loopback.v6 de0ddf10e4187d1b4f8aa427547e05b8
/etc/powerd/scripts/reset_button 75381c9d271b99694cccd9ff99ce8e16
/etc/csh.cshrc 87f1379f64f8a8fd8a172b55919c4e0e
/etc/weekly.conf e4e5251e17ad65bf38a10874a7fc27b9
/etc/powerd/scripts/power_button f837534dcf2d08915fcc3e7350d748b1
/etc/rc.d/pwcheck fadc86f6017544d6373e1aa6e59dfdee
/etc/rpc 275650a10eb9b715df9af4b908425e48
/etc/pam.d/sshd 3dadbb7562341a903a129fb2106a40e7
/etc/rc.d/ypserv fd52b917d0c1cc26309b74f9789eb2a2
/etc/rc.d/pf_boot cfcb13b44acf66699d43493369e6036d
/etc/csh.login 711ebb41600de7bf39ccc6d56b5ca309
/etc/ttyaction c0749e81a61f6cf3e0d4c6cd6ef49539
/etc/skel/.cshrc 1d63d1f16a931a3d82c2a8e2afc91091
/etc/rc.d/virecover cfb32befc0c1277cd99c2a00c961e16b
/etc/rc.d/staticroute f19780807e68e31de465a30cc4cd7684
/etc/rc.d/moused 9d196a969f862149db331b5a72699cf1
/etc/pam.d/ftpd 7d1f59237aeba85ac0cb37b513fc011b
/etc/rc.d/named 65ba84d6d9e3246731f303eac32d77ae
/etc/ftpchroot 6b8f0135fdf2098c57650ff05beee3fd
/etc/rc.d/timed d3a8dfb117fb02519f931fc14dcc5a11
/etc/rc.d/lkm3 9b37d9419d4d1a1da30aee9d44794682
/etc/namedb/localhost 27558749a497a0aebad637e7f1280639
/etc/rc.d/raidframe 5274172184b547c219927b1e4844ae57
/etc/pam.d/su 5b14b6d01e760bed3d1aa7d92c17be7a
/etc/rc.d/ipfilter d9e6228175755fa98124f62ef9785986
/etc/rc.d/syslogd 1d404d1c8327b546ef2c9ecb35003f92
/etc/rc.d/lkm1 2fd177e7114edf884b80b11ede81529f
/etc/defaults/pf.boot.conf 9aedf07d61f615a4bc82848216f15190
/etc/bootptab 64cf07a32916d4ec024a4cba4521bc10
/etc/rc.d/rarpd f13bb1542fb0035b1e0f77eb4bbc0679
/etc/pam.d/README dbfd109c32dda7931c022f59c1c17423
/etc/rc.d/mountcritremote ce4364e70175e297c674651b9d73317e
/etc/rc.d/sysdb 0790b537803e1386327c65d9ccc8ba4a
/etc/rc 5754ffc67eb9adce80c45d51d9fd171f
/etc/rc.lkm 9c290cb1e7a9fc5b7f42f0f955c76b2b
/etc/pam.d/display_manager 3d9aaa97c679bc13bbfd6f221ac5e798
/etc/pam.d/other a725090016e69810a550d5af34849783
/etc/rc.d/mountd ac76f0a561d34d8a7fdd276b66278489
/etc/rc.d/wsmoused 9a7f62a4718c3595767aa806961f5ce9
/etc/floppytab b3f7d314f0a36a130588e150a9002a0f
/etc/daily.conf b269e4d803cae79cda17e713f9455664
/etc/pam.d/telnetd d545c69f431e7f61447588fa8267819d
/etc/rc.d/veriexec 25a96592df63c9421da06bab875957ee
/etc/rc.d/dhcpd 723f580e4bf437c6619c14a6be3adc17
/etc/pam.d/ppp cbe53261aa48d08c32621be136795fcd
/etc/rc.d/nfsd f988ec3a9fef095bf58bdb75b44354b8
/etc/pam.d/pop3 57f113839cd81957f38b42871f0dbd84
/etc/rc.d/wscons fa735eb8c44c78ad80e18e2e302042b9
/etc/monthly.conf ac925e5f55ca773ef0daf6e106a6bc07
/etc/networks 30abe6aee0ea34fc21a1b6f5c7ec6bd0
/etc/netconfig 3ed9d5da57ed7b3dc847dae092843c79
/etc/rc.shutdown ceebe071f484b7bb83f6452e418271cc
/etc/profile 756fe9c904dce9182a147cbeb29d7da6
/etc/nsswitch.conf 5e05b30fbb61b599bc523d90eb7cc6dd
/dev/MAKEDEV.local 1225770627038c9c5f983d3a50555048
/etc/pam.d/gdm 1c7895a5e938c81ff7ef4b649de35064
/etc/pam.d/kde e2afe84a768291d1ad624c77b24d7ab1
/etc/pam.d/passwd 434fdc452f9988db70c83ce6665afaf0
/etc/skel/.login 47c83e3b33be81b7333407b74fdb738e
/etc/rc.d/dhclient 24575e0e51672014d7540643e0ada3ab
/etc/rc.d/local 4029ba275002ed01922314f967644ffa
/etc/rc.d/poffd 04ceb88e503bc10f8fbac831440218d1
/etc/rc.d/powerd ac94ca99fe63329d1e5eef623884c87b
/etc/rc.d/rtadvd 6e2c0f883abbd7959a61fe2a03e20b8a
/etc/rc.d/swap2 dc00885ed55439b7506207288fda7d90
/etc/rc.d/xdm 32fd33a02550bd3d04529037d05413de
/etc/rc.d/tpctl 8c314460b891cf65ba10489092c04a78
/etc/rc.d/xfs 29c99f34709e42c6f1fc85c91c4ad4c8
/etc/rc.d/yppasswdd 6d78a3a05ddf9cfa0f28e0d32950cdfe
/etc/rc.d/ipmon 608128e3e59301afe07a96841111b0eb
/etc/X11/xdm/Xsession d55c509b18ca73d0e64e6502eff53664
/etc/rc.d/bootconf.sh 6e6e3f26c0cb4dccb41048a26a18277e
/etc/protocols e05ba9a8cb01ba96b41f0976122eee94
/etc/iscsi/auths 7bafa453c64c260984891da4c800524a
/etc/rc.d/hostapd 4b225eb6d7a2754f7049c732799e5e7d
/etc/rc.d/irdaattach dac009cc3e30b3a6a1c18d3edf2a0b2f
/etc/rc.d/iscsi_target ff158ceabce67dcc8b77e038ab21856b
/etc/wscons.conf 63a4bcc1bebd110e82265290a52e2bc2
/etc/skel/.profile 0f00bfe80216a0401022459e7b6eab2e
/etc/rc.d/accounting bac65f1eaa1b49d3822fac383ef334bf
/etc/rc.d/fsck ae5994fcd0be4b6dd47c28f8662ad3ba
/etc/ssh/ssh_known_hosts d256b3f10c0a77a6ac8ef7b86c687655
/etc/rc.d/rtclocaltime b29e8ba2eca8ca11b1148e53ae5968b4
/etc/rc.subr a476ede59d72eaa0bc73d8424985718e
/etc/bluetooth/btdevctl.conf 9afaa50307462f87f9fba377338d033f
/etc/powerd/scripts/lid_switch 310afd4614e9271c8379b8f25d8334b2
/etc/powerd/scripts/sleep_button 79ff61dc2e51266984c01ee573318764
/etc/mtree/special 91b146c43effc71037875b5c838fa380
/etc/rc.d/route6d 390634b99caea7495d30e06a04c22468
/etc/rc.d/routed df3620ca8bedefed07c6fd497ecf8976
/etc/monthly 9b8ba234c1d9cee3ad8a2f536a250c00
/etc/postfix/postfix-script fa0747cbf7ab8387eb75a8f6d0c5995d
/etc/postfix/postfix-files 86adc54fd71d18e72d82e6ce3d41cea4
/etc/weekly 895c547029193047f35049e54b0bc2e1
/etc/daily 3dc8d9a892727ff85d2f1e8d0130ca3d
/etc/postfix/master.cf e2c917c1ec7d552a32c29c7cb8fcdcd8
/etc/rc.d/postfix 5dea4e71c1e131dcdf7c86a3837cc5d9
/etc/defaults/security.conf ec00576787e402165ef8f036acb4a464
/etc/rc.d/sdpd 4ec9681decbadb7a96a46e0d4ecb1b56
/etc/syslog.conf b9b158395677c852b589a774ad43e6e6
References:
- postinstall wiped out my /etc/rc changes
  - From: Sverre Froyen
- Re: postinstall wiped out my /etc/rc changes
  - From: Alan Barrett
- Re: postinstall wiped out my /etc/rc changes
  - From: Steven M. Bellovin
- Re: postinstall wiped out my /etc/rc changes
  - From: Greg Troxel
- Re: postinstall wiped out my /etc/rc changes
  - From: Steven M. Bellovin
Prev by Date: Re: more regression in -current on ASUS PSCHSR: lock up during boot
Next by Date: my serial-console i386 systems will not reboot after halt with a keypress
Previous by Thread: Re: postinstall wiped out my /etc/rc changes
Next by Thread: Re: postinstall wiped out my /etc/rc changes
Indexes:
Home | Main Index | Thread Index | Old Index