Hello Grant,

Generally, I totally agree with you! Freedom of changing files everywhere is what makes Gentoo a good, user-suited Linux distribution.

But changing *default files* comes with the risk that a package update will overwrite them.

Therefore "[...].d/" directories were "invented", where "d" is an abbreviation for "directory" as far as I remember. This is supposed to be the playground for users.

Of course, including external files comes with risks, but how do you want to balance usability and security? It is difficult to answer this for me as well.

-Ramon

On 26/10/2022 05:15, Grant Taylor wrote:
> On 10/25/22 9:04 PM, Ramon Fischer wrote:
>> I do not think that this is a bug, since it is the default file, which should not be edited by the user.
>
> I *STRONGLY* /OBJECT/ to the notion that users should not edit configuration files.
>
> By design, that's the very purpose of the configuration file, for users to edit them to be what they want them to be.
>
> The concept of "don't edit configuration files" seems diametrically opposed to the idea of Gentoo as I understand it. Namely, /you/ build /your/ system to behave the way that /you/ want it to.
>
>> All changes should be done in "/etc/sudoers.d/" to avoid such cases.
>
> Then why in the world does the /default/ file, as installed by Gentoo, include directions to edit the file?!?!?!
>
> Aside: Someone recently posted a comment to the sudo users mailing list (exact name escapes me) wherein their security policy prohibited @includedir explicitly because of the capability that adding a file to such included directories inherently enabled sudo access -or- caused sudo to fail secure and perform a Denial of Service. They were required to use individual @include directives.
>
> IMHO telling a Gentoo user not to modify a file in /etc takes hutzpah.




--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
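
The policy mentioned in the quoted aside (no @includedir, only individual @include directives) can be checked mechanically. The following is an added example, not code from either participant or from sudo; the function names and the sample sudoers text are constructed for illustration, and the owner/permission rule in `audit_dropin_dir` is this audit's own assumption.

```python
import os
import re

# Both the current "@" spelling and the legacy "#" spelling are directives.
DIRECTIVE = re.compile(r'^\s*[@#](includedir|include)\s+(.+?)\s*$')

def find_includes(sudoers_text):
    """Return (line_number, kind, path) for each include directive."""
    found = []
    for number, line in enumerate(sudoers_text.splitlines(), 1):
        match = DIRECTIVE.match(line)
        if match:
            found.append((number, match.group(1), match.group(2).strip('"')))
    return found

def policy_violations(sudoers_text):
    """Under the policy from the aside, every includedir is a finding."""
    return [d for d in find_includes(sudoers_text) if d[1] == "includedir"]

def audit_dropin_dir(path, owner_uid=0):
    """Classify each entry of a drop-in directory.
    sudo skips names that end in '~' or contain '.'; the rest are parsed.
    Flagging wrongly owned or group/other-writable files is this audit's
    own rule (an assumption), not a restatement of sudo's checks."""
    report = {}
    for name in sorted(os.listdir(path)):
        if name.endswith("~") or "." in name:
            report[name] = "skipped by sudo"
            continue
        st = os.stat(os.path.join(path, name))
        if st.st_uid != owner_uid:
            report[name] = "loaded, unexpected owner"
        elif st.st_mode & 0o022:
            report[name] = "loaded, group/other writable"
        else:
            report[name] = "loaded"
    return report

# Constructed sample, not a real system's sudoers file.
SAMPLE = """\
Defaults env_reset
root ALL=(ALL:ALL) ALL
@includedir /etc/sudoers.d
#include /etc/sudoers.local
# includedir in a comment is not a directive
"""

if __name__ == "__main__":
    print(policy_violations(SAMPLE))
```
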
