
I've got a network with a few score RPM-based machines, and need to standardize and sometimes en masse update some predictable *NIX configuration files: nsswitch.conf, ntp.conf, ldap.conf, syslog.conf, etc.

(I control what settings I can at boot-time, and veil most network changes with sly A record changes, but sometimes I do need to reach into the machines and turn a knob.)

Now, I can revise existing and introduce new packages into these boxen' RPM repositories, and my thought is to standardize their configuration by introducing "configuration-only" RPMs


The idea of summarily replacing /etc files owned by some other RPM gives me pause, however. Does anyone have practical guidance for this endeavour, particularly recommendations for doing this safely?

  • 449
  • 5
  • 19
  • Sorry for not providing much help, but I'd probably suggest looking into one of the tools specifically designed for this. Such as puppet or cfengine. Like you said, doing this with rpm's will cause file conflicts every time you need to push either your configuration rpms or just normal vendor provided patches. – Banis Jul 22 '10 at 15:48

2 Answers2


It's not an direct answer, but have you looked at configuration management systems such as cfengine or puppet? They are built for this purpose.

  • 3,519
  • 21
  • 17
  • There are a ton of tools to do what you're asking for. You really really want to use one instead of writing your own :) – Bill Weiss Jul 22 '10 at 16:06
  • Okay, IIUC that reduces my "custom config" RPM approach to a single package, one which will bootstrap the whatever config-mgmt agent I'm going to deploy. – pilcrow Jul 22 '10 at 18:40

Might I suggest checking out Blueprint? It's super-simple configuration management and could help you standardize configs. It can generate re-usable templates from Debian or RPM based systems. Ping me if you have any questions.
