Re: Conffiles
Manoj Srivastava <srivasta@ieee.org> writes:
> On Sun, Jan 03 2010, Russ Allbery wrote:
>> I don't believe that listing symlinks as conffiles works properly at
>> the moment. See #421344. It doesn't make any sense to list a
>> directory as a conffile. I think that exhausts all the non-regular
>> files that can be in a Debian package.
> A conffile is, after all, a configuration file. As such, it
> contains configuration data, and user changes to such data is what
> policy is concerned about preserving. Merely the presence or absence of
> a inode or a link does not rise to the level of "configuration data",
> in my view. Why add restrictions on what people can do?
I think a symlink created by the package in /etc should be handled like a
conffile in the sense that if the sysadmin changes the symlink to point to
a different path, that's a change that should be preserved. As I recall,
that's the scenario that prompted Bug#421344 originally. Currently, I
believe such changes are not preserved on package upgrade.
> Now, if the target of the symlink is under /etc, then the target
> is really the configuration file, if the target does not lie under
> /etc, we have a policy violation.
Symlinks in /etc pointing to files not in /etc are used now, so I'm not
sure they should be Policy violations. /etc/nologin is the canonical
example. Depending on how and whether Debian adopts upstart, we may have
other cases.
>> Symlinks as conffiles should ideally work. I think it's just a bug in
>> dpkg that they don't.
> While it could be made to work, I am not sure I agree that the
> result would require the same protection in policy.
> I am willing to be persuaded otherwise on this.
Well, I think all that Policy requires for configuration files that would
be relevant to symlinks is:
* If the administrator removes it, it stays removed on package upgrade.
* If the administrator changes it, which in the case of a symlink just
means pointing it to a different path, that change is either preserved
or prompted about.
Both of those seem feasible and reasonable to me. (Of course, someone
would need to do the work, and I don't think it's the highest-priority
dpkg development goal.)
I'm not sure what the implications of changing the symlink to be a real
file or a directory would be. (I'm not sure what happens if an
administrator changes a regular conffile to a directory.)
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: