Posted by: kezhong | June 15, 2011

Make yum to trigger a script after yum update on Fedora 15

We installed Fedora 15 on a server using Kickstart. After using yum update, we found we could not login the server remotely. Because we were using ldap to authenticate users, and yum updated the files in the /etc/pam.d directory.

We need our previous configuration files, so I wrote a script to recover them, and modified the yum command to make yum to trigger the recovery script after run “yum update” each time. The following is what I did.

Create a recovery script
# vim /usr/local/bin/script1
echo “The following will be executed after yum update”
cp /root/system-auth-ac /etc/pam.d/system-auth-ac
cp /root/password-auth-ac /etc/pam.d/password-auth-ac

Make it executable
# chmod a+x /usr/local/bin/script1

Modify the /usr/bin/yum command file
Insert “import os” before “import sys”, and append the below at the end of the file
    os.system(‘cp -f /root/yum /usr/bin/yum’)
    if len(sys.argv) > 1 and “update” in sys.argv:

Backup the modified yum command file
# cp /usr/bin/yum /root



  1. If a config file is being replaced (old one -> filename.rpmsave) instead of the old configuration being kept and the new one being saved (new config -> filename.rpmnew), then it usually indicates that there has been an incompatible update in the configuration file layout or options, and the old config file will need some changes to work with the updated software. In that case, installing the old config file may not result in the expected operation.

    (On the other hand, if the configuration is not being preserved in a situation where it could have been used without change, then that’s a bug, and should be filed in bugzilla; likewise, if neither .rpmsave nor .rpmnew is created, then the file is not recognized as a config file in the RPM spec, and a bug should also be filed :-)

  2. Hello Chris,

    Long time no see. I miss you and professors of Seneca. Thank you for your commenting.
    I checked the server and tried to use the following command to find .rpmsave or .rpmnew, but I found nothing

    # find / -print | egrep “rpmnew$|enabled$”

    So I think it is a bug.

    BTW, I think if the developers could make a trigger for the yum update, it would be convenient for users. I have another experience that my customer installed CentOS on a hardware raid, the system could not reboot after yum update. Because they didn’t recompile the driver on the new release. So what we can do is just modifying the yum command manually like my post.

  3. Rather than modifying /usr/bin/yum, a much nicer solution is to install yum-plugin-post-transaction-actions.noarch

    This is available in RHEL6, so it should be available for Fedora.

    It doesn’t seem particularly well documented, but it will create a directory /etc/yum/post-actions. In that directory, create an “action” file for each RPM name that you want things to be done after installation for. In my case, I wanted to run a script to update the NVIDIA driver every time I installed a new kernel.

    The .action file takes a package name, an action (e.g. upgrade, install), and a script name. You can also pass variables such as the package version to the script. So I’ve got a line that looks like this in /etc/yum/post-actions/kernel.action:
    kernel:install:/usr/local/sbin/ $ver-$rel.$arch.

    After installing a new kernel, yum calls that script.

    If you use this method, it will be much cleaner, and you won’t risk losing modifications when yum gets updated.

    Just wish it was in the mainstream RHEL 5 repos…

    • thank you

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


%d bloggers like this: