On 2015-07-31, Benny Lofgren <[email protected]> wrote: > So I borrowed an idea from how the Courier MTA/IMAP/POP3 server manages > some of its configuration files: > > The system could check whether /etc/ssl/cert.pem (or whatever path any > particular application provides) is a regular file, in which case > business as usual. > > But if it is a *directory* then LibreSSL would internally concatenate > all of its contents (or, for example, just all *.pem files) when > initializing the certificate chain.
We have directories like this for fontconfig settings, but they don't work very well in practice with updates - if a file is removed, sysmerge puts it back. Sysmerge could have some different handling but it needs some way to decide whether or not to install a file that is present in etc.tgz but not on disk; is it new or was it an old file that the sysadmin wanted to disable? It would also need to gain the ability to *remove* files from the directory (but without removing locally-added files). The single-file approach at least makes things simple for the majority who don't edit the file though, and works with our existing upgrade tools.
