On Tue, 23 Feb 2010 13:15:27 -0500, Mathias Gug <math...@ubuntu.com> wrote: > In Ubuntu we've applied the following patch: > * debian/puppet-common.postrm: > - On purge delete all puppet directories: /etc/puppet, /var/log/puppet and > /var/lib/puppet. > > IIUC /var/lib/puppet isn't deleted when the puppet package was purged > because it would break puppetmaster. Now that common files are shared > with the puppet-common package, purging the puppet package shouldn't > break puppetmaster anymore. > > Moreover log files should be removed when the package is purged.
Ok, this one scares me, only because it makes me worry that we would remove someone's hard work that they've spent crafting recipes in /etc/puppet. Purge should *only* remove the package files that the admins have not touched, instead of rm -rf'ing the whole thing. Or at least defaulting to *not* do it and a debconf question that requires confirmation before nuking it (like in the mysql package's removal of /var/lib/mysql which contains your database data). The /var/log puppet directory clearly needs to go. the /var/lib/puppet directory purge is also a little scary, I'm not sure that this is the right thing to do either. Remember, that directory contains SSL certificates/keys, sometimes facter bits, and people have used it for config-file snippet assembly. Just by looking at this change, I cannot say for sure if it is the right thing to do, I think we'd need to try it, and purge in a number of different scenarios to be sure its ok, just to be safe. micah
pgp1KmE2bJGhD.pgp
Description: PGP signature
