O Yum suporta plugins, então é perfeitamente possível escrever um plugin que leia o manifesto de fantoches em cache e avisa quando uma transação irá sobrescrever um arquivo controlado por fantoches. Eu não estou ciente de um plugin existente que faz isso, mas eu
O plug-in verifica todos os pacotes recém-instalados / atualizados / rebaixados, informa quais arquivos gerenciados por fantoches ele irá sobrescrever e solicita uma confirmação para fazê-lo.
[root@camel ~]# yum update pam
Loaded plugins: puppet, security
Skipping security plugin, no data
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package pam.i386 0:0.99.6.2-12.el5 set to be updated
---> Package pam.x86_64 0:0.99.6.2-12.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
===============================================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================================
Updating:
pam i386 0.99.6.2-12.el5 base 983 k
pam x86_64 0.99.6.2-12.el5 base 982 k
Transaction Summary
===============================================================================================================================================================
Install 0 Package(s)
Upgrade 2 Package(s)
Total download size: 1.9 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): pam-0.99.6.2-12.el5.x86_64.rpm | 982 kB 00:00
(2/2): pam-0.99.6.2-12.el5.i386.rpm | 983 kB 00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 8.7 MB/s | 1.9 MB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/pam.d/system-auth
Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/access.conf
Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/limits.conf
Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/pam.d/system-auth
Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/access.conf
Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/limits.conf
Is this ok [y/N]: n
Aborting
[root@camel ~]# yum update pam
Loaded plugins: puppet, security
Skipping security plugin, no data
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package pam.i386 0:0.99.6.2-12.el5 set to be updated
---> Package pam.x86_64 0:0.99.6.2-12.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
===============================================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================================
Updating:
pam i386 0.99.6.2-12.el5 base 983 k
pam x86_64 0.99.6.2-12.el5 base 982 k
Transaction Summary
===============================================================================================================================================================
Install 0 Package(s)
Upgrade 2 Package(s)
Total size: 1.9 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/pam.d/system-auth
Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/access.conf
Installing pam-0.99.6.2-12.el5.i386 overwrites puppet-managed file /etc/security/limits.conf
Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/pam.d/system-auth
Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/access.conf
Installing pam-0.99.6.2-12.el5.x86_64 overwrites puppet-managed file /etc/security/limits.conf
Is this ok [y/N]: y
Updating : pam 1/4
Updating : pam 2/4
Cleanup : pam 3/4
Cleanup : pam 4/4
Updated:
pam.i386 0:0.99.6.2-12.el5 pam.x86_64 0:0.99.6.2-12.el5
Complete!
O próprio plug-in pode ser encontrado no meu repositório de hacks do github .
Nov. 8 atualização 2013:
Como sugerido nos comentários, eu agora transformei isso em um projeto maior para melhorar a interação entre Yum e Puppet. Você pode encontrar no GitHub .