On Monday 17 December 2007, Joey Hess wrote: > If the keymap has already been installed earlier in the installation, > why can't console-* notice that there is a keymap installed, and skip > asking about it? Why do we need a separate way to communicate this to > console-* at all? Because a dpkg-reconfigure needs to ask the question even if a keymap is installed. > If some other communication than creating the keymap file is needed > for reasons I don't understand, creating a file not in /tmp seems very > doable. But is just as random. And it leaves the possibility that the file will remain on the target system for all time if finish-install is not run or not completely run for some reason . I decided on /tmp as the file really _is_ a temporary file: exists only for the duration of the installation. And I made sure it was in a temp directory that could be said to be "controlled" by D-I because of its name. As you said yourself: there's absolutely no attack vector. > The other option would be debconf preseeding, and preseeding > console-data/keymap/policy seen should avoid the question. And would be > less ugly than a flag file. But it would affect an 'aptitude reinstall' of the package. As the user did not _himself_ ask for a seen flag to be set here (as in the case of preseeding ), I did not consider this a very nice solution. Also, post-base-installer is pretty early for messing with preseeding in /target. We normally only do that in pkgsel. I agree it could be done, but it does not seem that much cleaner to me than a flag file. Cheers, FJP  I'm aware of course that such a system is in principle broken anyway.  I've been wondering a few times whether we shouldn't just reset all seen flags in the debconf database in /target at the end of an install anyway. If we did that my objection would be resolved too.
Description: This is a digitally signed message part.