Bug#780797: Package modifying a user-modified config file? [Bug #780797]
> On Sun, 2015-03-22 at 20:35 +0000, Colin Watson wrote:
>> Anyway, I would appreciate it if people could refrain from filling
>> my mailbox further about this bug. :-)
> One last thing perhaps. O:-)
Colin: my apologies for adding work [especially so if any of the
work added is unnecessary]. I'm sure you meant well; I do too.
On 03/22/2015 06:18 PM, Christoph Anton Mitterer wrote:
[...]
>> I haven't had time to deal with it over the last couple of days
>> (Debian developer in having a social life shocker!), but in brief I
>> intend to revert the offending change in its entirety as it's
>> clearly causing far more trouble than it can possibly be worth.
>> I'll post further rationale when I get half a chance.
>
> Well I don't really care that much, as said my intention was just to
> improve defaults for others.
>
> But to be honest, and without intending to offend any of the
> others,... it kinda seems to me that people make a mountain out of a
> molehill.
Christoph: there may be a lack of empathy in your response statements.
Please try to "put yourself in the user's shoes" -- the issue looks
very different from that perspective. [I'm likewise considering this
from the maintainer perspective.]
> The change is really little, for well grounded security reasons it's
> actually intended by upstream that non env vars are send/accepted
> unless explicitly allowed by the admin. So people who complain now
> likely just abused that "hole" in Debian's default all the years,
> which is however no grant for a right to do so forever.
Again: at least for me, it's not about /this/ particular change, it's
about changes happening to user-modified configs on upgrades without
dpkg prompting. sshd_config is literally /the/ most important config
file on systems for me, and therefore it's also the file that's most
sensitive. [ssh_config similarly.]
In terms of the /particular/ changes made to ssh_config and sshd_config
in this case, I made the assumption that it was for good reasons and
with good intentions so that's why I didn't object to that. But... at
the same time I keep in mind that "the road to hell is paved with good
intentions". (Which could also include me strongly objecting.)
> It feels a bit like the systemd debate where a loud minority started
> an outcry about things which in reality probably didn't even affect
> them.
Since you mention it, I'll just say that the systemd debate is another
place marked by arguments that often lack empathy and understanding of
the the other person's perspective.
-- Chris
--
Chris Knadle
Chris.Knadle@coredump.us
Reply to: