Yum is updating /etc/shadow?

Panu Matilainen pmatilai at laiskiainen.org
Thu Jan 12 10:15:33 UTC 2012

On 01/12/2012 10:28 AM, Marko Vojinovic wrote:
> On Thursday 12 January 2012 05:53:42 g wrote:
>> if you compare "/etc/shadow" to "/etc/shadow.rpmnew" when it is there,
>> you will see that yum/rpm has added a program's name to "/etc/shadow"
>> when yum/rpm adds a new program that needs to be assigned an id.
>> this also happens to "/etc/group", "/etc/gshadow", and "/etc/passwd".
>> why "/etc/shadow.rpmnew" was removed is hard to answer.
> AFAIK, yum/rpm can use the "usual" method of getting an id for a new program
> (calling useradd or similar), which doesn't involve creating a shadow.rpmnew
> file.
> Besides, this would be understandable if there actually were any new programs
> to be assigned an id during an update. But in this case there weren't any, and
> additionally the timestamp on /etc/shadow has not changed since I last created
> a user, so nothing was actually modified.
> I am just baffled by the existence of the warning about /etc/shadow.rpmnew,
> which also turns out to not exist at all.
> It's not a big deal after the fact, but it just triggered the
> "this-shouldn't-happen" alarm in my head when I saw the warning. Hence the
> question... :-)

Here's what happens to the .rpmnew files from setup:

[pmatilai at localhost ~]$ rpm -q --scripts setup | head -4
postinstall scriptlet (using <lua>):
for i, name in ipairs({"passwd", "shadow", "group", "gshadow"}) do

Been there for some time now too:

* Thu Feb 26 2009 Ondrej Vasik <ovasik at redhat.com> 2.8.1-1
- added postun section for cleaning of dangerous .rpmnew
   files after updates

	- Panu -

> Best, :-)
> Marko

More information about the users mailing list