Bug#1035733: debian -policy: packages must not use dpkg-divert to override default systemd configuraton files
On Tue, 6 Jun 2023 at 11:45, Sean Whitton <spwhitton@spwhitton.name> wrote:
>
> Hello,
>
> On Sun 04 Jun 2023 at 01:35PM +01, Luca Boccassi wrote:
>
> > In the interest of speeding things up a bit, I've done some rewording
> > as suggested - moved to the exiting chapter, and use the systemd files
> > only as an example:
> >
> > https://salsa.debian.org/bluca/policy/-/commit/5058bd2f8c742c3d8695e2c98ee3a597d431ffd7
> >
> > Off-topic - any reasons MRs are disabled on the policy repo? It would
> > be much nicer and quicker to use the Gitlab review process I think,
> > like we do for other packages.
>
> It's actually on-topic -- can you post your proposed patch to this bug
> for inline review, please? This is documented in README.md. The main
> reason we have MRs disabled is that we want a complete record of the
> discussion that led up to a Policy change to be recorded in the BTS.
>
> A secondary reason is that I strongly disprefer doing patch review using
> an interface other than my mail client.
Well, the README says:
"Please submit a bug to the BTS, either with patches attached, or a
reference to a git branch that is publically fetchable."
The whole project is moving toward git and Salsa, and it is very
annoying to have to do drive-by contributions via email, it really
sucks as a process for contributors, so please consider re-evaluating
this in the future. Patch attached.
Kind regards,
Luca Boccassi
From 5058bd2f8c742c3d8695e2c98ee3a597d431ffd7 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Mon, 8 May 2023 03:21:14 +0100
Subject: [PATCH] Forbid using dpkg-divert/alternatives when there are native
mechanisms
The supported mechanism for augmenting, changing, overriding and
disabling systemd configuration files is natively supported and fully
integrated in Debian, via drop-ins, hierarchical overrides, and
masking. dpkg-divert is not integrated in systemd tools so its use
is completely hidden in logs and status interfaces, and it is specific
to Debian and thus diverges from what users expect as implemented by
all other distros, going against one of the core goals of the systemd
project which is to provide a uniform interface regardless of distro
vendor or flavour.
Clarify that diversions and alternatives should only be used when
needed, with cooperation, and must not be used when there are native
mechanisms to obtain the same goals, and use systemd files as an
example.
---
policy/ap-pkg-alternatives.rst | 4 ++++
policy/ap-pkg-diversions.rst | 4 ++++
policy/ch-binary.rst | 31 +++++++++++++++++++++++++++++++
3 files changed, 39 insertions(+)
diff --git a/policy/ap-pkg-alternatives.rst b/policy/ap-pkg-alternatives.rst
index ffa2163..1cfd3e6 100644
--- a/policy/ap-pkg-alternatives.rst
+++ b/policy/ap-pkg-alternatives.rst
@@ -24,3 +24,7 @@ See the :manpage:`update-alternatives(8)` man page for details.
If ``update-alternatives`` does not seem appropriate you may wish to
consider using diversions instead.
+Do not attempt to use alternatives for files belonging or used by components
+that support native overriding mechanisms, such as ``systemd`` unit files. Read
+:doc:`ch-binary` for more information.
+
diff --git a/policy/ap-pkg-diversions.rst b/policy/ap-pkg-diversions.rst
index fe360d1..09367d7 100644
--- a/policy/ap-pkg-diversions.rst
+++ b/policy/ap-pkg-diversions.rst
@@ -81,3 +81,7 @@ when the file does not exist.
Do not attempt to divert a conffile, as ``dpkg`` does not handle it
well.
+Do not attempt to divert files belonging or used by components that support
+native overriding mechanisms, such as ``systemd`` unit files. Read
+:doc:`ch-binary` for more information.
+
diff --git a/policy/ch-binary.rst b/policy/ch-binary.rst
index e517f26..e36d028 100644
--- a/policy/ch-binary.rst
+++ b/policy/ch-binary.rst
@@ -371,6 +371,37 @@ against earlier versions of something that previously did not use
``update-alternatives``; this is an exception to the usual rule that
versioned conflicts should be avoided.)
+Diversions and alternatives should be used primarily as a tool for local
+administrators and local packages to override the behaviour of Debian. Its use
+between Debian packages should be rare, should involve coordination between the
+packages and their maintainers, and must only be used to solve problems that
+cannot be handled through other facilities or native mechanisms.
+In other words, packages in Debian must not divert a file from another package
+unless this is arranged cooperatively between the packages to solve some
+specific and unusual problem.
+
+For example, configuration files that are used by ``systemd`` components, such
+as `units,
+<https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Description>`_
+`udev rules,
+<https://www.freedesktop.org/software/systemd/man/udev.html#Rules%20Files>`_
+`tmpfiles.d,
+<https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html#Configuration%20Directories%20and%20Precedence>`_
+`modules-load.d,
+<https://www.freedesktop.org/software/systemd/man/modules-load.d.html#Configuration%20Format>`_,
+`sysusers
+<https://www.freedesktop.org/software/systemd/man/sysusers.d.html#Configuration%20Directories%20and%20Precedence>`_
+and other such files, including those specific to systemd daemons (e.g.:
+`/etc/systemd/system.conf).
+<https://www.freedesktop.org/software/systemd/man/systemd-system.conf.html>`_
+must not be diverted by packages using ``dpkg-divert`` or
+``update-alternatives``, even if the respective package maintainers agree,
+because systemd and all its components natively support overriding configuration
+files as they are shipped by the distribution, for both local administrator
+changes and for changes applied from other packages. Those native mechanisms
+must be utilized to override, enhance or mask systemd configuration files, as
+defined in the apposite systemd documentation.
+
.. _s-maintscriptprompt:
Prompting in maintainer scripts
--
2.39.2
Reply to: