On 28 Jul 2024 04:25 +0200, from vinc...@vinc17.net (Vincent Lefevre):
>> A conffile is user-managed, so any changes you make to a conffile must
>> be respected by the package. It can't just overwrite your changes, or
>> restore a conffile if you've deleted it.
>
> This is rather poor design, because
> * there isn't a way to say that some default setting must be
> preserved;
> * changes by a user must be respected by the package, but a package
> may decide that such a file is no longer read!
>
> A better design could be to provide Debian / vendor defaults (which
> may change) by some kind of include mechanism. This is more or less
> what fail2ban does, with .conf files and .local files (the .conf
> files are not meant to be changed by the user, so that /usr/lib
> might be a better place than /etc).
Isn't that pretty much exactly what /etc/sysctl.d _is_? Packages can
install files listing defaults (possibly commented out) into that
directory, and the administrator can add a file which lexigraphically
comes later which overrides those defaults and which is not touched by
any vendor-provided package.
Same with many other packages as of late which have historically had
relatively monolithic configuration files under /etc. Everything from
bash (/etc/bash_completion.d, /etc/profile.d) to OpenSSH
(/etc/ssh/{ssh,sshd}_config.d) and Apache (/etc/apache2/*-enabled).
This is a _good_ thing IMO, as it reduces brittleness.
It seems to me that if the administrator overrides a default, then the
onus is on the administrator to maintain the intended effect of that
override (including syntactic changes after a package upgrade), or
remove the override if it's no longer relevant or useful.
--
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”
