On Mon, Dec 7, 2015 at 8:02 PM, Stroller <strol...@stellar.eclipse.co.uk> wrote: > > That's like telling your grandma, "you don't know what DNS is? this is > internet 101 - you use DNS all the time". > > I have not needed to add directories to CONFIG_PROTECT, or alter it in any > way, in over 10 years of using Gentoo. >
Fair enough, neither have I. I just meant that configruation protection itself is a fairly standard and well-used capability. I get that somebody might not recognize the name for it or the meaning of the environment variable. > > Excuse me. I thought this was a standard thing, just as I have scripts in > /usr/local/bin/ and a local Portage tree in /usr/local/portage/, I would have > assumed that an application like X11 that looks in /usr/share/X11/ for its > configuration files would then look in /usr/share/local/X11/ for any custom > symbols or overrides. No worries. That actually isn't "standard" at all. Most applications completely ignore /usr/local, and arguably this should be their behavior (the purpose of /usr/local is to install your own stuff, not extent stuff in /usr). The older convention is to stick stuff that is likely to be configured in /etc. The newer convention is to stick default config files somewhare in /usr and then allow them to be extended or overridden using files in /etc (which is how other distros are solving the problem that Gentoo solves with configuration protection). In fact, portage ignores /usr/local/portage by default. You have to set a variable or point a repository at it. > > I find a couple of approaches to local customisations which keep the files in > the user's homedir. > Yeah, that is also a less-common approach. I guess it is more common for desktop-y stuff. > I believe strongly in that kind of separation between _system files that the > user has customised_ and _original system files which will be updated and > maintained by the package manager_. However it's not clear that it's so clean > and tidy with X11, and I can certainly see there's a good argument for > CONFIG_PROTECT. Agree. And I don't disagree with the earlier solution to use a configuration management solution. One of my projects for a really dull weekend is to get around to Ansible-izing all my containers. Granted, containers are really easy to snapshot and manage even without this, but it is an excuse to learn Ansible anyway. -- Rich
