Matthias Klumpp <matthias@tenstral.net> writes: > 2014-11-20 17:44 GMT+01:00 Jonas Smedegaard <dr@jones.dk>: >> Quoting Matthias Klumpp (2014-11-20 17:15:50) >>> 2014-11-20 16:12 GMT+01:00 Jonas Smedegaard <dr@jones.dk>: >>> > Quoting Vincent Danjean (2014-11-20 14:25:59) >>> >> Hi, >>> >> >>> >> On 18/11/2014 18:36, Ansgar Burchardt wrote: >>> >> > With systemd you can ship a default configuration in >>> >> > /lib/systemd/system and administrators can override specific options, >>> >> > for example: >>> >> > >>> >> > +--- >>> >> > | [Unit] >>> >> > | Description=Some Helpful Description >>> >> > | Documentation=man:minidlda(1) >>> >> > | >>> >> > | [Service] >>> >> > | User=minidlda >>> >> > | ExecStart=/usr/sbin/minidldad -S >>> >> > +---[ /lib/systemd/system/minidlda.service ] >>> >> > >>> >> > Then an admin can override the entire file by writing his own >>> >> > /etc/systemd/system/minidlda.service or only override specific settings: >>> >> > >>> >> > +--- >>> >> > | [Service] >>> >> > | User=some-other-user >>> >> > +---[ /etc/systemd/system/miniblda.service.d/user.conf ] >>> >> >>> >> I did not know that. It is very interesting. >>> >> >>> >> But, is there a way to be notified at upgrade time that the system >>> >> service file has been modified when there is local (partial or full) >>> >> changes ? >>> > >>> > I was wondering the same. >>> At least for the systemd-case, you can easily notice changes using the >>> systemd-delta command: >>> $> systemd-delta --diff >>> This will list all overrides and the differences in case something has >>> changed. >> >> Thanks. Sounds like only a diff between system-provided and >> sysadmin-overrided config, however: That might help for the latter part >> of the question - notify only when system service file is overridden >> locally (by suppressing notification if systemd-deta is empty). >> >> How to do first part of the question - be notified with a diff between >> old versus new _effective_ config when a package update changes a system >> service file? > I don't now of any tool which does that yet - but it shouldn't be hard > to write one that does it (maybe we could even run that by default if > a package touches a vendor-supplied configuration in /lib). > It would just be comparing checksums before and after installation of > a package, and then point the sysadmin at the changed file. Would it perhaps make sense to have etckeeper additionally keep track of files in /lib directories for packages that have this /etc overrides /lib scheme? Such packages could add their config-outside-etc directories to a list somewhere, perhaps, which packages like etckeeper could then pick up on. Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd. |-| http://www.hands.com/ http://ftp.uk.debian.org/ |(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
Attachment:
pgpcqYvw_A5K3.pgp
Description: PGP signature