[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ca-certificates symlinks out of /etc

On Tue, Oct 31, 2006 at 07:10:45PM +0100, martin f krafft wrote:
> The recent ca-certificates upgrade overwrote this "configuration"
> simply because my /bin/cat call actually changed a file in
> /usr/share, where changes by the admin are not preserved. Yet, due
> to the links in /etc/ssl/certs, the admin is given the impression
> that these are configuration files and can thus be edited according
> to Debian's holy conffile handling policy.

> I consider this a bug, and even release-critical, and would say that
> ca-certificates should use ucf to maintain the certificates in
> /etc/ssl/certs. Arguments against that are to keep /etc small, but
> at 444k I don't see ca-certificates being a culprit.

Not release critical.  You're welcome to debate whether it's a bug to ever
use symlinks in /etc, but Alex is right -- the historical understanding of
"configuration" here is the symlinks, not the targets.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Reply to: