January 12, 2011

This came up in a discussion last week so I thought I’d work up a
functional plugin to let people enhance.

Yum currently has some nifty verify() functionality – mostly exposed on
the cli via the verify plugin. It does all the things that rpm -V does
but it has nicer output and can be configured a lot more.

One thing that’s always bugged me is that in all the verification
processes we’ve never taken into account the checksums or other value
changes that we intentionally make and know about in config management
systems like cfengine, bcfg2 or puppet.

In yum, now, we have a plugin hook for the file verification process for
this specific point. It allows us to  add in the values that we should
see from the config mgmt system so that if the files on disk don’t match
what was originally in the rpm package but do match what we intended to
see from the config mgmt changes then it doesn’t alert about it.

So here’s the reverify plugin and accompanying scripts – just a simple,
working, proof of concept.

obviously change the paths to not be in my homedir. 🙂

One Response to “reverify”

  1. Sol Jerome Says:

    Bcfg2 ( does this checking for you. When a Path and a Package entry are both defined in the same bundle, Bcfg2 knows to ignore md5sum failures for that file in that package. This is one of the really nice verification features of a tool like Bcfg2. Of course, it can also be annoying when RPM fails to verify packages on a fresh install because of poorly written RPMs or bugs in yum’s verification code (

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: