On Sun, 22 Oct 2023 14:23:57 +0800 Josh Triplett <j...@joshtriplett.org> wrote:
Package: nftables
Severity: wishlist
X-Debbugs-Cc: j...@joshtriplett.org

There are two potential reasons to install the nftables package: to have
it run at boot time, or to run the nft tool manually. If only doing the
latter and not the former, the service is not necessarily desirable.

Please consider either:

- shipping an nftables-bin package that just provides nft but not the
  system service, or

- making the systemd unit use ConditionPathExists=/etc/nftables.conf ,
  so that it does nothing if the script does not exist, and then
  removing the default configuration file and shipping it as an example
  in /usr/share/doc/nftables.

The latter seems easier. This would make it easy to install nftables and
use nft without changing anything about system boot, and then still
easily create /etc/nftables.conf and have it work automatically.


The nftables package does not enable the service file by default, so it does not affect system boot. So in a sense it is already conditional (on the admin explicitly enabling it).

I thus don't see a huge value in splitting out the nft binary into a separate binary package.

Regards,
Michael
