On Sun, 4 Jun 2023 at 12:25, Luca Boccassi <bl...@debian.org> wrote: > > On Sun, 4 Jun 2023 at 11:54, Sean Whitton <spwhit...@spwhitton.name> wrote: > > > > Hello Luca, > > > > On Mon 08 May 2023 at 08:07PM +01, Luca Boccassi wrote: > > > > > The specific difference, for which I think an explicit call out is > > > needed, is because these config files are shipped by some packages but > > > are not used _by_ them, they are consumed by systemd (or udev, or > > > kmod, etc). Specifically, if package A ships a.service, and package B > > > overrides it, even if the maintainers of A and B agree, that's still > > > not good enough for me, as they are really affecting systemd, which is > > > the consumer and the provider of the interface they are using, and > > > ultimately the first port of call for bug reports. This is especially > > > true for udev. > > > > > > So in my latest revision of the patch, the general rule is as > > > requested by Russ and as you mention it, but there is an explicit, > > > stricter rule to cover this case, which is important to me. Policy > > > calls out core component software in many places, such as dpkg, and > > > systemd is already mentioned in other parts of the policy, so it did > > > not seem too far-fetched to me. > > > > I'm afraid I'm not convinced. I'd second a patch where systemd is used > > as an example of the rule, as I suggested. > > The existing policy is too weak for this case, ie: it's a "should". It > needs to be a "must" for these specific cases. Also the existing > policy only covers diverting from other packages, not from 'self' - > that needs to be forbidden too. There was one such example, > iptables-persistent, and it has been fixed in Bookworm, so to be clear > this is a zero-net-effect policy change, ie, no packages will suddenly > become rc-buggy, as the two existing instances have already been > fixed. > > If you prefer, I can reword the general rule to be stricter, ie: > "packages must not use diversions where native mechanisms are > available" or so. Would this be better? > > > Thank you for the additional commit regarding kmod. It is good to have > > been made aware of issue, but let's discuss it in a separate bug after > > making this change -- the considerations might be quite different. > > > > On Tue 09 May 2023 at 12:31AM +01, Luca Boccassi wrote: > > > > > On Mon, 08 May 2023 14:14:30 -0700 Russ Allbery <r...@debian.org> wrote: > > > > > >> Oh, thank you! I had completely forgotten that we said something > > >> about this under maintainer scripts. > > >> > > >> That doesn't entirely cover this case (because systemd and udev may > > >> not be "that package" in this sense), but it covers much of the > > >> general case. > > > > > > Would you like me to reword/move the new snippet? > > > > Yes, thank you. I will review the new version. > > Any specific suggestions? IE, where it should be, etc.
In the interest of speeding things up a bit, I've done some rewording as suggested - moved to the exiting chapter, and use the systemd files only as an example: https://salsa.debian.org/bluca/policy/-/commit/5058bd2f8c742c3d8695e2c98ee3a597d431ffd7 Off-topic - any reasons MRs are disabled on the policy repo? It would be much nicer and quicker to use the Gitlab review process I think, like we do for other packages. Kind regards, Luca Boccassi
