[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SOLVED] Re: old entries in sources.list?

On Fri, Jun 20, 2025 at 11:53 AM Greg Wooledge <greg@wooledge.org> wrote:
>
> On Fri, Jun 20, 2025 at 11:40:59 -0400, Jeffrey Walton wrote:
> > On Fri, Jun 20, 2025 at 11:30 AM <tomas@tuxteam.de> wrote:
> > >
> > > On Fri, Jun 20, 2025 at 11:06:51AM -0400, Jeffrey Walton wrote:
> > > > On Fri, Jun 20, 2025 at 10:37 AM Greg Wooledge <greg@wooledge.org> wrote:
> > > > >
> > > > > On Fri, Jun 20, 2025 at 10:15:47 -0400, Jeffrey Walton wrote:
> > > > > > SSH config files are located in /etc, too. But admins are expected to
> > > > > > make changes to /etc/ssh/sshd_config.d/, and not /etc/ssh/sshd_config.
> > > > >
> > > > > That's definitely false.
> > > >
> > > > You will absolutely lose your sshd_config when the package is upgraded
> > > > and you choose the maintainers version of the file.
> > >
> > > No.
> > >
> > > You will be asked, as for every conffile.
> >
> > Please don't do that selective quoting found in dumpster fires like
> > social media: "... and you choose the maintainers version of the
> > file."
>
> You're missing the point.  The point is you are ASKED whether you want
> to keep your modified conffile or replace it with the maintainer's
> version.  The DEFAULT is to keep your modified file.

I'm not going to argue the problems with this.

> If you select to replace it, then sure, you'll "lose" your modifications,
> except that they're actually saved for you (your modified file is simply
> renamed), so you can still review it and manually edit the new file.

I'm not going to argue the problems with this.

> So, your argument is a straw man.  You're saying that if you do a
> sequence of bad things that are not the default, but something you've
> explicitly chosen of your own free will, that your life will be slightly
> less convenient.  Sure, that's true.  But you could also just NOT do
> those things.

I'm not going to argue the problems with this.

> Also, the OTHER point you got wrong is where you claim "admins are
> expected to make changes to *.d".  That's simply incorrect.  Admins
> are expected to make changes to sshd_config just like they've always
> done, ever since long before *.d was invented.  That's why the packaging
> system ASKS you about your modified conffile and protects it with
> multiple layers of insurance.

Unfortunately, I cannot find a Debian specific article on
configuration directories. However, Red Hat has "Linux configuration:
Understanding *.d directories in /etc,"
<https://www.redhat.com/en/blog/etc-configuration-directories>. Now
that we have configuration directories, admins are expected to make
their changes in them so:

    Instead of editing this single file each time an application
    is added or updated on the system, we separate the
    configuration for each application to a specific file.

The point is, you don't want to do gyrations on updates, like copying
fragments of an old config into a new config.

> The entire system was designed and built around the idea that conffiles
> would be hand edited and must be preserved.
>
> That includes sshd_config.

Jeff
Reply to: