Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell, BSG]

Anthony Towns aj@azure.humbug.org.au writes:

 Really? What is it? I only saw comments that amount to I interpret
 policy this way and other things do it this way, neither of which is
 a response to my original request for someone to give a good reason why
 randomly deleting config files of installed packages is the best way to
 go about things, and should be supported.

I didn't say that it was the best way to go about things; even Manoj
didn't say that.  Still, users who read the current policy document
might be misled (at least two people, one of the Manoj, have read the
policy to be contrary to what you want).  So, if the packages aren't
going to be changed, then policy should be.

 Well, I suppose I could change the scripts to cope, and change inetd to
 just enable all its internal services unless told otherwise, so anyone
 who was stupid enough to think removing the config file would do any
 good could get their machine DoS'ed off the .net thanks to a handful of
 untracable spoofed packets. Because, hey, personal whims, and the letter
 of policy are what matters, not the needs of our userbase, right?

No, a perfectly reasonable alternative would be to change policy to
match.  I don't care which alternative is chosen.

Thomas

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Branden Robinson]

On Wed, Sep 25, 2002 at 12:38:22PM +1000, Anthony Towns wrote:
 Why the fuck do we have to have a debate about this?

A wise man once said something like, how hard is it to give the reasons
why you object to the suggestion, rather than just puffing out your
chest and declaring your opposition?

-- 
G. Branden Robinson| You don't just decide to break
Debian GNU/Linux   | Kubrick's code of silence and then
[EMAIL PROTECTED] | get drawn away from it to a
http://people.debian.org/~branden/ | discussion about cough medicine.


pgpVLNBWhErBs.pgp
Description: PGP signature

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Anthony Towns]

On Tue, Sep 24, 2002 at 09:05:12PM -0700, Thomas Bushnell, BSG wrote:
 I didn't say that it was the best way to go about things; even Manoj
 didn't say that.

So you're saying bugs should be filed to encourage packages to choose
a less optimal way of doing things than what currently happens?

 No, a perfectly reasonable alternative would be to change policy to
 match.  I don't care which alternative is chosen.

And, further, you don't actually care which is the best solution, but
you're trying to sanctify it for future generations?

Look everyone, the policy process failing as you watch!

Cheers,
aj

-- 
Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/
I don't speak for anyone save myself. GPG signed mail preferred.

 ``If you don't do it now, you'll be one year older when you do.''


pgpa7xN7YvNv4.pgp
Description: PGP signature

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Manoj Srivastava]

Anthony == Anthony Towns aj@azure.humbug.org.au writes:

 Anthony On Tue, Sep 24, 2002 at 07:54:15PM -0700, Thomas Bushnell, BSG wrote:
  We have to have a debate about it because there is an actual
  substantive disagreement between you and Manoj.  

 Anthony Really? What is it? I only saw comments that amount to I
 Anthony interpret policy this way and other things do it this
 Anthony way, neither of which is a response to my original request
 Anthony for someone to give a good reason why randomly deleting
 Anthony config files of installed packages is the best way to go
 Anthony about things, and should be supported.

And I have seen little cogent rationale from you on this bug
 (lots of foaming at the mouth, but that seems par for the course).
 Do I now have to explain to you why preserving user changes is
 desirable behaviour? 

  If you don't think
  it's that important, then say so, and Manoj could put in a policy
  change to make explicit that deletions must be preserved.

 Anthony Well, I suppose I could change the scripts to cope, and
 Anthony change inetd to just enable all its internal services unless
 Anthony told otherwise, so anyone who was stupid enough to think
 Anthony removing the config file would do any good could get their
 Anthony machine DoS'ed off the .net thanks to a handful of
 Anthony untracable spoofed packets. Because, hey, personal whims,
 Anthony and the letter of policy are what matters, not the needs of
 Anthony our userbase, right?

You are being a moron. I guess the stress of your position
 have caused you to snap. Change the above to be _disable_ all
 services unless told otherwise, and you have a reasonable behaviour
 for inetd.

System defaults should be sane, and for inted, seems like
 failing secure is a good way to go. The default file shipped with
 inetd should be the same: no services open by default.


If the file is removed, do not regenerate it.

manoj
-- 
 Some men are so interested in their wives' continued happiness that
 they hire detectives to find out the reason for it.
Manoj Srivastava   [EMAIL PROTECTED]  http://www.debian.org/%7Esrivasta/
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Manoj Srivastava]

Anthony == Anthony Towns aj@azure.humbug.org.au writes:

 Anthony On Tue, Sep 24, 2002 at 11:11:20AM -0500, Manoj Srivastava wrote:
  justification: this is not a flaw in the policy, at best, this may be
  a proposal to change policy to codifying, in my opinion, a less
  desirable behaviour, and should be treated like any other proposal

 Anthony For heaven's sake, does someone have to disagree with _EVERYTHING_?

Cause we can think, and heaven forbid, sometimes even form
 opinions, and not always have the same opinions as you do?

  Sorry, this is a bug in those packages. 

 Anthony No, it is not.

Is too.

  dpkg has always had
  the correct behavour of not reinstalling conffiles that are removed;
  and so do packages managing configuration files using ucf.

 Anthony That's really great. The reason some packages _don't_ use
 Anthony dpkg or ucf for managing their configuration files is
 Anthony because dpkg's and ucf's behaviour is _not_ always
 Anthony desirable. That's an utterly bogus line of argument, and an
 Anthony absolutely _meaningless_ one -- it's making policy for
 Anthony policy's sake rather than because it actually benefits
 Anthony anyone.

Bull shit. Give me one example where you can determine, up on
 high, that your world view always trumps the local human decision. So
 far, you have labelled my line of reasoning as bogus. Fine then. 

  Policy, while documenting practice for the most part, should
  not recommend or condone broken behavour just because packages are
  broken.

 Anthony The. Packages. Are. Not. Broken. It's that simple.

Are too. I can descend to your level of argument, nyah nyah.

 Anthony How many times have you found base-passwd recreating
 Anthony /etc/passwd and /etc/group a nuisance? Never?  Funny that.

If I ever remove those files, I would too find it
 annoying. Funny what? When I create a himeypot, and remove
 inetd.conf, I do not want to be second guessed and have my decision
 thwarted. 


We are designing for the intelligent operator, not the least
 common moronic denominator.

 Anthony Why the fuck do we have to have a debate about this?

Because not all of us are cognizant fo the fact htat you have
 ascended to heaven and are now passing codas to us mere mortals.

Grow the fuck up.

manoj
-- 
 Real software engineers don't like the idea of some inexplicable and
 greasy hardware several aisles away that may stop working at any
 moment.  They have a great distrust of hardware people, and wish that
 systems could be virtual at *___all* levels.  They would like
 personal computers (you know no one's going to trip over something
 and kill your DFA in mid-transit), except that they need 8 megabytes
 to run their Correctness Verification Aid packages.
Manoj Srivastava   [EMAIL PROTECTED]  http://www.debian.org/%7Esrivasta/
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Manoj Srivastava]

Anthony == Anthony Towns aj@azure.humbug.org.au writes:

 Anthony And, further, you don't actually care which is the best solution, but
 Anthony you're trying to sanctify it for future generations?

 Anthony Look everyone, the policy process failing as you watch!

Bullshit. It is only aj throwing a tantrum when someone does
 not agree with him, and runnin his mouth in the process.

Policy is not going to be broken by either you having a hissy
 fit, or Thomas proposing silly changes.

manoj
-- 
 If it glistens, gobble it! Zippy the Pinhead
Manoj Srivastava   [EMAIL PROTECTED]  http://www.debian.org/%7Esrivasta/
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Manoj Srivastava]

Thomas == Thomas Bushnell, BSG [EMAIL PROTECTED] writes:

 Thomas The example which came up on debian-devel was that if you delete
 Thomas /etc/inetd.conf, various things will recreate it.

Bug. Preserving user changes is a invariant we would like to
 be able to advertize.

 Thomas AJ insists that this is the right behavior; you think it's
 Thomas the wrong behavior.  Hrm.  I don't particularly care, but I
 Thomas do care that the packages and the policy should match.


I fail to see a reason why we should over ride user changes
 whener we, the maintairners, feel a capricious whimsy to doso, even
 when we believe our way is the one true way, and the silly admin
 ought to know better than to meddle in the affairs of his betters.

manoj
 trying to counter some rhetoric on this report
-- 
 Random, n.: As in number, predictable.  As in memory access,
 unpredictable.
Manoj Srivastava   [EMAIL PROTECTED]  http://www.debian.org/%7Esrivasta/
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell, BSG]

Manoj Srivastava [EMAIL PROTECTED] writes:

   Policy is not going to be broken by either you having a hissy
  fit, or Thomas proposing silly changes.

I proposed the change because I (mistakenly) though that AJ was
expressing commonly accepted process. 

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell, BSG]

Anthony Towns aj@azure.humbug.org.au writes:

 On Tue, Sep 24, 2002 at 09:05:12PM -0700, Thomas Bushnell, BSG wrote:
  I didn't say that it was the best way to go about things; even Manoj
  didn't say that.
 
 So you're saying bugs should be filed to encourage packages to choose
 a less optimal way of doing things than what currently happens?

Geez, no.  I've said it like a jillion times.  I'm happy with *either*
of two solutions: change policy to match current practice, or change
current practice to match policy.

 And, further, you don't actually care which is the best solution, but
 you're trying to sanctify it for future generations?

Geez, no.  Duh.

 Look everyone, the policy process failing as you watch!

Only because some people, well, you, think that it doesn't really
matter *what* policy says.

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Anthony Towns]

On Wed, Sep 25, 2002 at 12:47:29PM -0500, Manoj Srivastava wrote:
   I fail to see a reason why we should over ride user changes
  whener we, the maintairners, feel a capricious whimsy to doso, even
  when we believe our way is the one true way, and the silly admin
  ought to know better than to meddle in the affairs of his betters.
 
   manoj
  trying to counter some rhetoric on this report

If you're trying to counter some rhetoric, could you _please_ do it
with something other than rhetoric of your own?

No one is saying that rewriting your /etc/inetd.conf to remove all the
local changes you've made is a clever thing to do. You're not arguing
against people not preserving user changes in general, you're arguing
against the specific case of reinstating removed configuration files.

Now, you gave an example in another message that you might want to do
that in creating a honeypot. I've no idea why you would -- removing the
config file doesn't buy you anything (the daemon still starts, you can
still start the daemon with other options if you either edit the config
file or specify a different config file on the command line), and a better
effect can be achieved by making it so you can remove inetd entirely
(which was what the thread on -devel was originally about). If you need
the same effect you would get by removing the file, you can simply clear
it or comment everything else, which also has the benefit of the results
matching your intuition (ie, inetd starts, and nothing happens).

Cheers,
aj

-- 
Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/
I don't speak for anyone save myself. GPG signed mail preferred.

 ``If you don't do it now, you'll be one year older when you do.''

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell BSG]

Package: debian-policy
Version: 3.5.6.1
Severity: important

Section 11.7.3 says that changes to configuration files are supposed to be
preserved on upgrade.  This is not commonly done, however, if the change
consists in deleting the file entirely.  Existing practice is probably fine,
but the policy sentence is misleading.  I suggest adding something like:

(though packages are permitted to reinstall configuration files that have been
completely deleted)

-- System Information
Debian Release: 3.0
Kernel Version: Linux becket.becket.net 2.2.19 #1 Fri Jun 29 15:36:16 PDT 2001 
i686 unknown

Versions of the packages debian-policy depends on:
ii  fileutils  4.1-10 GNU file management utilities

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Peter Palfrader]

On Mon, 23 Sep 2002, Thomas Bushnell BSG wrote:

 Package: debian-policy
 Version: 3.5.6.1
 Severity: important
 
 Section 11.7.3 says that changes to configuration files are supposed to be
 preserved on upgrade.  This is not commonly done, however, if the change
 consists in deleting the file entirely.  Existing practice is probably fine,
 but the policy sentence is misleading.  I suggest adding something like:
 
 (though packages are permitted to reinstall configuration files that have 
 been
 completely deleted)

Which may not always be the Right Thing. cf. config files in .d
directories like cron.d, ip-up.d or similar.

yours,
peter

-- 
 PGP signed and encrypted  |  .''`.  ** Debian GNU/Linux **
messages preferred.| : :' :  The  universal
   | `. `'  Operating System
 http://www.palfrader.org/ |   `-http://www.debian.org/


pgpn7Dv9WxURc.pgp
Description: PGP signature

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell, BSG]

Peter Palfrader [EMAIL PROTECTED] writes:

 Which may not always be the Right Thing. cf. config files in .d
 directories like cron.d, ip-up.d or similar.

Sure; my wording is quite conservative, merely pointing out current
practice more carefully.  I have no particular reason to think current
practice needs to be changed; if it should be, that's a separate
discussion than this one.

Thomas

Processed: Re: Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

 severity 162120 wishlist
Bug#162120: debian-policy: Deletion of configuration files--should it be 
preserved?
Severity set to `wishlist'.

 thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Manoj Srivastava]

severity 162120 wishlist
thanks

justification: this is not a flaw in the policy, at best, this may be
a proposal to change policy to codifying, in my opinion, a less
desirable behaviour, and should be treated like any other proposal

Hi,
Thomas == Thomas Bushnell BSG [EMAIL PROTECTED] writes:


 Thomas Section 11.7.3 says that changes to configuration files are
 Thomas supposed to be preserved on upgrade.  This is not commonly
 Thomas done, however, if the change consists in deleting the file
 Thomas entirely.  Existing practice is probably fine, but the policy
 Thomas sentence is misleading.  I suggest adding something like:

Sorry, this is a bug in those packages. dpkg has always had
 the correct behavour of not reinstalling conffiles that are removed;
 and so do packages managing configuration files using ucf.

Policy, while documenting practice for the most part, should
 not recommend or condone broken behavour just because packages are
 broken.

Let us get those packages fixed.

manoj
-- 
 Don't take life seriously, you'll never get out alive.
Manoj Srivastava   [EMAIL PROTECTED]  http://www.debian.org/%7Esrivasta/
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell, BSG]

Manoj Srivastava [EMAIL PROTECTED] writes:

 severity 162120 wishlist
 thanks
 
 justification: this is not a flaw in the policy, at best, this may be
 a proposal to change policy to codifying, in my opinion, a less
 desirable behaviour, and should be treated like any other proposal

   Sorry, this is a bug in those packages. dpkg has always had
  the correct behavour of not reinstalling conffiles that are removed;
  and so do packages managing configuration files using ucf.
 
   Policy, while documenting practice for the most part, should
  not recommend or condone broken behavour just because packages are
  broken.

The example which came up on debian-devel was that if you delete
/etc/inetd.conf, various things will recreate it.

AJ insists that this is the right behavior; you think it's the wrong
behavior.  Hrm.  I don't particularly care, but I do care that the
packages and the policy should match.

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Anthony Towns]

On Tue, Sep 24, 2002 at 11:11:20AM -0500, Manoj Srivastava wrote:
 justification: this is not a flaw in the policy, at best, this may be
 a proposal to change policy to codifying, in my opinion, a less
 desirable behaviour, and should be treated like any other proposal

For heaven's sake, does someone have to disagree with _EVERYTHING_?

   Sorry, this is a bug in those packages. 

No, it is not.

 dpkg has always had
  the correct behavour of not reinstalling conffiles that are removed;
  and so do packages managing configuration files using ucf.

That's really great. The reason some packages _don't_ use dpkg or ucf for
managing their configuration files is because dpkg's and ucf's behaviour
is _not_ always desirable. That's an utterly bogus line of argument,
and an absolutely _meaningless_ one -- it's making policy for policy's
sake rather than because it actually benefits anyone.

   Policy, while documenting practice for the most part, should
  not recommend or condone broken behavour just because packages are
  broken.

The. Packages. Are. Not. Broken. It's that simple. How many times have you
found base-passwd recreating /etc/passwd and /etc/group a nuisance? Never?
Funny that.

Why the fuck do we have to have a debate about this?

Cheers,
aj

-- 
Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/
I don't speak for anyone save myself. GPG signed mail preferred.

 ``If you don't do it now, you'll be one year older when you do.''


pgp3dhOVdk7AK.pgp
Description: PGP signature

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Thomas Bushnell, BSG]

Anthony Towns aj@azure.humbug.org.au writes:

 The. Packages. Are. Not. Broken. It's that simple. How many times have you
 found base-passwd recreating /etc/passwd and /etc/group a nuisance? Never?
 Funny that.
 
 Why the fuck do we have to have a debate about this?

We don't; any behavior here is fine with me, as long as we document
it.

Manoj seems to think that the current policy doc implies the must
preserve deletions behavior.  (That was my original thought too, but
I must admit, I don't much care.)

I think, however, that the whole point of having a policy document is
to accurately describe how Debian packages are supposed to work.

We have to have a debate about it because there is an actual
substantive disagreement between you and Manoj.  If you don't think
it's that important, then say so, and Manoj could put in a policy
change to make explicit that deletions must be preserved.

Thomas

Bug#162120: debian-policy: Deletion of configuration files--should it be preserved?

[Anthony Towns]

On Tue, Sep 24, 2002 at 07:54:15PM -0700, Thomas Bushnell, BSG wrote:
 We have to have a debate about it because there is an actual
 substantive disagreement between you and Manoj.  

Really? What is it? I only saw comments that amount to I interpret
policy this way and other things do it this way, neither of which is
a response to my original request for someone to give a good reason why
randomly deleting config files of installed packages is the best way to
go about things, and should be supported.

 If you don't think
 it's that important, then say so, and Manoj could put in a policy
 change to make explicit that deletions must be preserved.

Well, I suppose I could change the scripts to cope, and change inetd to
just enable all its internal services unless told otherwise, so anyone
who was stupid enough to think removing the config file would do any
good could get their machine DoS'ed off the .net thanks to a handful of
untracable spoofed packets. Because, hey, personal whims, and the letter
of policy are what matters, not the needs of our userbase, right?

Cheers,
aj

-- 
Anthony Towns [EMAIL PROTECTED] http://azure.humbug.org.au/~aj/
I don't speak for anyone save myself. GPG signed mail preferred.

 ``If you don't do it now, you'll be one year older when you do.''


pgpOq1UedMSBo.pgp
Description: PGP signature