So I rolled out 2.1.2 a few nights ago, and since I’'m running it on RHEL I decided to see if rpm -U would do the right thing. Lucky I made a backup of the install dir tree, because the new rpm clobbered:
all the file perms on the install dir and subdirs
I’'m using MySQL as my data backend, so that was no trouble, but I gather that if I had been using the embedded database that would have been overwritten as well.
This could cause problems for some people who forget backups. Especially the keystore part, in cases where someone (like me) may have shelled out money to a pay-for-trust CA instead of using self-signed certs. One little rpm command could cost hundreds of dollars.
So, I’'d like it if future rpm releases were more savvy about which files should be replaced and which should be named file.rpmnew, and had scripts that fixed perms. Updating could get tiresome otherwise for large multi-domain installations.