Re: software updates file in /usr -- policy bug?

To: debian developers <debian-devel@lists.debian.org>
Subject: Re: software updates file in /usr -- policy bug?
From: Santiago Vila <sanvila@unex.es>
Date: Mon, 25 Oct 2004 19:44:19 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.61.0410251928150.301@cantor.unex.es>
In-reply-to: <[🔎] 20041025171145.GA23454@cirrus.madduck.net>
References: <[🔎] 20041025171145.GA23454@cirrus.madduck.net>

On Mon, 25 Oct 2004, martin f krafft wrote:

> Hi all,
> 
> apt-spy and pciutils (and possibly others) contain methods to update
> a database integral to their operation.
> 
>   - `apt-spy update` downloads the list of available Debian mirrors
>     to /usr/share/apt-spy (see #277816).
> 
>   - `update-pciids` downloads a new /usr/share/misc/pci.ids
> 
> I think these are both in violation with the FHS, which states
> (Chapter 4, emphasis mine, using caps instead of asterisks for
> readability):
> 
>   "/usr is shareable, READ-ONLY DATA. That means that /usr should be
>   shareable between various FHS-compliant hosts and MUST NOT BE
>   WRITTEN TO."
> 
> The apt-apy maintainer thinks this is okay because (from the bug
> report):
> 
>   apt-spy does not "dynamically update".  It updates *if and ONLY
>   if* you ask it to.  I do not see this as a violation of the spirit
>   of the FHS.  I'm more than happy to have discussion about this.
> 
> If this holds, then why does `apt-get update` modify files in
> /var/lib/apt/lists, and why is /var/lib/dpkg/status not really
> /usr/lib/dpkg/status?
> 
> Well, two wrongs don't make a right, nor does APT/dpkg's choice for
> /var make using /usr for changeable resource data wrong for
> everyone, but I still think that apt-spy's mirror list and the PCI
> IDs should be kept in /var, since they are variable data.

Having a program asking the user "do you want to violate the FHS?"
does not make it not to be a violation. I would much prefer not to
have to answer such questions.

Some people might want to have /usr mounted read-only except when
using dpkg/apt to upgrade the system. The FHS says this should work,
so any program which fails because it tries to write to /usr could be
considered as a bug.

Even if the file is updated only by the postinst, it is useful to know
that you can recover a broken system from scratch by having:

* A backup copy of /etc, /var, /home, /usr/local, etc. (but not /usr).
* The list of installed packages.

I think this is a good property of the system that we should try to keep.

Would the user benefit from having the freedom to change apt-spy or pci.ids?
If yes, then those files would be much better placed in /etc. Just because
it is a "database" does not mean it may not be modified by the user.
Think about /etc/services for example.

Reply to:

Follow-Ups:
- Re: software updates file in /usr -- policy bug?
  - From: Mike Hommey <mh@glandium.org>

References:
- software updates file in /usr -- policy bug?
  - From: martin f krafft <madduck@debian.org>

Prev by Date: Re: Drop testing
Next by Date: Re: an idea for next generation APT archive caching
Previous by thread: software updates file in /usr -- policy bug?
Next by thread: Re: software updates file in /usr -- policy bug?
Index(es):
- Date
- Thread