[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Do not plan to support /usr/lib/pam.d for Debian pam

Marco d'Itri <md@linux.it> writes:
> On Sep 15, Sam Hartman <hartmans@debian.org> wrote:

>> I have significant discomfort aligning what you say (pam is the last
>> blocker) with what several people said earlier in the week.  What I
>> heard is that there was no project consensus to do this, and that
>> people were running experiments to see what is possible.

> Indeed. I did the experiments and they where unexpectedly positive:  pam
> is the only blocker for booting _the base system_.

> I never expected that everything would immediately work just fine with
> an empty /etc: my goal is to have support for this in the base system
> and selected packages.

This started as an experiment: you were going to try running the base
system in this mode with existing packages and see what happens.  You ran
that experiment and got results: it doesn't work, but it appears to only
work because of PAM.  So far, so good.  You ran an experiment, the result
was that the thing you want to do doesn't work, and now you understand
what changes would be required to move forward.

However, and this is very important, *no one has decided that you get to
do that work in Debian*.

Insofar as this is just a personal goal, sure, that's none of the business
of anyone else.  But if you want this to be a *project* goal, you're
skipping a few important steps.

The biggest ones is that there is no *plan* and no *agreement*.  By plan,
I mean an actual document spelling out in detail, not email messages with
a few sentences about something that is familiar to you but not to other
people who haven't been thinking about this, what base system support
would look like.  And by agreement, I mean that the maintainers of base
system components agree that this is something that we are working towards
as a project and something that they would not break lightly.

Right now, any base system package maintainer could decide that putting
configuration files in /etc makes sense for reasons of their own limited
to their specific package and further break support for booting a system
in this mode, and there are no grounds to ask them not to do this.
Because you don't have an *agreement*.

I feel like there is a tendency to consider work on Debian to be purely
technical.  If you turn it on and smoke doesn't come out, it works, so we
have implemented that thing, and the goal is accomplished.  This doesn't
work, precisely because other people break your goal later (because they
were never asked or never agreed with that goal), and then they are very
confused about why you're upset and why your problems are now their
problems.  Or, worse, their packages are broken as collateral damage in
accomplishing some goal, and you then argue that it's their problem to fix
their packages, even though there was no agreement about that goal.

Accomplishing things like this in Debian has a large social component that
I think is being neglected.

Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>

Reply to: