
Bug#1035733: debian-policy: packages must not use dpkg-divert to override default systemd configuration files



On Tue, Jun 13, 2023 at 11:04:07PM +0100, Luca Boccassi wrote:
> ---
>  policy/ap-pkg-alternatives.rst |  3 +++
>  policy/ap-pkg-diversions.rst   |  3 +++
>  policy/ch-binary.rst           | 35 ++++++++++++++++++++++++++++++++++
>  3 files changed, 41 insertions(+)
> 
> diff --git a/policy/ap-pkg-alternatives.rst b/policy/ap-pkg-alternatives.rst
> index ffa2163..6f7780f 100644
> --- a/policy/ap-pkg-alternatives.rst
> +++ b/policy/ap-pkg-alternatives.rst
> @@ -24,3 +24,6 @@ See the :manpage:`update-alternatives(8)` man page for details.
>  If ``update-alternatives`` does not seem appropriate you may wish to
>  consider using diversions instead.
>  
> +Do not use alternatives for ``systemd`` configuration files. See
> +:doc:`ch-binary` for more information.
> +
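Review bot: the sentence added at the end of ap-pkg-alternatives.rst says "Do not use alternatives", while the ch-binary.rst text it points to says "Alternatives must never be used for ``systemd`` configuration files"; use the same normative wording in both places so the appendix does not read as weaker than the rule. The :doc:`ch-binary` reference also lands on the whole chapter, so a section label with a :ref: to the new paragraphs would take the reader straight to the rule. The final blank "+" line has no context after it, so check that it does not leave an extra empty line at the end of the file.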
> diff --git a/policy/ap-pkg-diversions.rst b/policy/ap-pkg-diversions.rst
> index fe360d1..d299d04 100644
> --- a/policy/ap-pkg-diversions.rst
> +++ b/policy/ap-pkg-diversions.rst
> @@ -81,3 +81,6 @@ when the file does not exist.
>  Do not attempt to divert a conffile, as ``dpkg`` does not handle it
>  well.
>  
> +Do not use diversions for files that have their own native override mechanisms,
> +such as ``systemd`` unit files. See :doc:`ch-binary` for more information.
> +
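Review bot: the sentence added to ap-pkg-diversions.rst is broader than the rule it cites: it forbids diversions for any "files that have their own native override mechanisms", while the ch-binary.rst hunk only makes "must not be diverted" binding for ``systemd`` configuration files and otherwise says maintainers "should strongly prefer" other mechanisms. Either narrow this sentence to systemd configuration files or phrase the general case as a "should", so the appendix and the chapter state the same requirement. As in the alternatives hunk, :doc:`ch-binary` points at the whole chapter rather than the new paragraphs.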
> diff --git a/policy/ch-binary.rst b/policy/ch-binary.rst
> index e517f26..19635e7 100644
> --- a/policy/ch-binary.rst
> +++ b/policy/ch-binary.rst
> @@ -371,6 +371,41 @@ against earlier versions of something that previously did not use
>  ``update-alternatives``; this is an exception to the usual rule that
>  versioned conflicts should be avoided.)
>  
> +Diversions are primarily intended as a tool for local administrators or local
> +packages to override the behavior of Debian. While there are some circumstances
> +where one Debian package may need to divert a file of another Debian package,
> +those circumstances are rare and diversions should only be used as a last resort
> +when no other suitable mechanism exists. Diversion of a file in one Debian
> +package by another Debian package should be coordinated between the maintainers
> +of those packages. Maintainers should strongly prefer using other overriding
> +mechanisms, instead of diversions, whenever those other mechanisms are
> +sufficient to accomplish the same goal. In other words, diversions in packages
> +should be considered a last resort.
> +
> +One specific case of that rule is that configuration files used by
> +``systemd`` components, such as `units,
> +<https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Description>`_
> +`udev rules,
> +<https://www.freedesktop.org/software/systemd/man/udev.html#Rules%20Files>`_
> +`tmpfiles.d,
> +<https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html#Configuration%20Directories%20and%20Precedence>`_
> +`modules-load.d,
> +<https://www.freedesktop.org/software/systemd/man/modules-load.d.html#Configuration%20Format>`_,
> +`sysusers
> +<https://www.freedesktop.org/software/systemd/man/sysusers.d.html#Configuration%20Directories%20and%20Precedence>`_
> +and other such files, including those specific to systemd daemons
> +(e.g.:  `/etc/systemd/system.conf).
> +<https://www.freedesktop.org/software/systemd/man/systemd-system.conf.html>`_
> +must not be diverted by any Debian package. Instead, use `masking and drop-ins
> +<https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Description>`_.
> +
> +Alternatives must never be used for ``systemd`` configuration files. The
> +alternatives system does not know how to apply changes to services when updating
> +alternatives, so the resulting behavior would be confusing and unpredictable.
> +Instead, `aliases
> +<https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Description>`_
> +can be used to provide alternative implementations of the same named unit.
> +
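Review bot: the inline links in the second added paragraph of ch-binary.rst are malformed. Punctuation sits inside the link text ("`units,", "`udev rules,", "`tmpfiles.d,"), "`modules-load.d," is followed by a second comma after the closing "`_", and the line "(e.g.:  `/etc/systemd/system.conf)." puts the closing parenthesis and a full stop inside the link, which ends the sentence before "must not be diverted by any Debian package". Move the commas, the parenthesis and the full stop outside the backquoted link text so the list renders as one sentence. In the same paragraph, "Instead, use masking and drop-ins" links only to the unit documentation, although the list also covers udev rules, tmpfiles.d, modules-load.d and sysusers, whose linked sections describe directory precedence; say which mechanism applies to those files. In the first added paragraph, "last resort" is stated twice ("should only be used as a last resort" and "In other words, diversions in packages should be considered a last resort"); the closing sentence can be dropped.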
 
seconded.

and wondering, if there should be a recommendation similar to consulting debian-devel@l.d.o
when introducing epochs, or...

..the other way round: should it be explicitly spelled out that, unlike for epochs,
in general there's no need to consult -devel for diversions for packages as they are
generally meant for local admins and only in very very very rare cases...

(maybe be even more verbose about "other overriding mechanisms"?!)

but in any case seconded, things can always be improved, and this is good.


-- 
cheers,
	Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

Punk is not dead.
Punk wears a mask, shows solidarity and protects itself and others.
(@Kreuzpirat)
