- Purpose: semi-automate maintenance task
- Scope: Arch-based Linux distros
When distros using pamac (or one of its derivatives) for package management encounter conflicts between updated distribution config files and locally-edited config files, they preserve the local sysadmin's edits and save the distribution's recommended config file under <originalname>.pacnew in the same directory (/etc/**).
It is the task of the sysadmin to merge the recommended changes from the distro packager into their own config files.
The recommended changes account for updates in the OS and security patches, so it is a good idea to apply the changes regularly, and not to let the *.pacnew files accumulate unheeded.
Running a fully-featured editor, with plugins, on a system config file as root is asking for trouble, because that's a lot of code you've got to trust with your system's welfare! That is why sudo -e (or sudoedit) exists: it copies your config file to a user-editable temp file, fires up your default editor on it, and copies it back over the original config once it has been edited. The editor never gets root access, yet that one specific file still gets updated.
However, in this situation, I am more likely to want to use a merge tool than a general editor. I definitely don't want to run a GUI merge tool as root, so I want a safe wrapper that is to my merge tool what sudoedit is to my editor.
- Identify .pacnew file
- Find its pair (mine)
- Copy both to /tmp/mine#, /tmp/pacnew#, respectively
- Run merge tool on the temp files
- Exit if nothing has changed
- Backup my original
- sudo overwrite my original with the merged /tmp/mine#
- Cleanup tmp
- sudo rename *.pacnew file to *.applied_pacnew_<YYYY-mm-dd>
Remember to keep it super simple, so it is easily verifiable as safe to run!
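
The steps above as a POSIX shell function; this is an added example, not the author's script. The function name merge_pacnew, the MERGE_TOOL and SUDO variables, the meld default and the .bak_<date> backup name are assumptions, and a private mktemp -d directory stands in for the fixed /tmp/mine#, /tmp/pacnew# names.

```sh
#!/bin/sh
# Added example, not the project's script. Assumed names: merge_pacnew,
# MERGE_TOOL (default meld), SUDO (default sudo), the .bak_<date> suffix.

merge_pacnew() {
    pacnew=$1
    merge_tool=${MERGE_TOOL:-meld}
    sudo_cmd=${SUDO:-sudo}
    stamp=$(date +%Y-%m-%d)

    # 1-2. Identify the .pacnew file and find its pair (mine).
    case $pacnew in
        *.pacnew) mine=${pacnew%.pacnew} ;;
        *) echo "not a .pacnew file: $pacnew" >&2; return 2 ;;
    esac
    if [ ! -f "$pacnew" ] || [ ! -f "$mine" ]; then
        echo "need both $pacnew and $mine" >&2; return 2
    fi

    # 3. Copy both into a private (mode 0700) temp dir. Root only reads;
    #    the redirection writes the copies as the invoking user.
    tmp=$(mktemp -d) || return 1
    "$sudo_cmd" cat "$mine" > "$tmp/mine" &&
        "$sudo_cmd" cat "$pacnew" > "$tmp/pacnew" &&
        cp "$tmp/mine" "$tmp/orig" || { rm -rf "$tmp"; return 1; }

    # 4. Run the merge tool unprivileged, on the temp copies only.
    "$merge_tool" "$tmp/mine" "$tmp/pacnew"

    # 5. Exit if nothing has changed.
    if cmp -s "$tmp/mine" "$tmp/orig"; then
        echo "no changes; $mine left untouched" >&2
        rm -rf "$tmp"; return 0
    fi

    # 6-7. Back up my original, then overwrite it in place; cp onto an
    #      existing file keeps that file's owner and mode.
    "$sudo_cmd" cp -p "$mine" "$mine.bak_$stamp" &&
        "$sudo_cmd" cp "$tmp/mine" "$mine" || { rm -rf "$tmp"; return 1; }

    # 8-9. Clean up tmp, then retire the .pacnew so it is not merged twice.
    rm -rf "$tmp"
    "$sudo_cmd" mv "$pacnew" "$mine.applied_pacnew_$stamp"
}

if [ "$#" -gt 0 ]; then merge_pacnew "$1"; fi
```

The only commands that run with privilege are cat, cp and mv on the two named files, which keeps the root-side behaviour short enough to audit by eye.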