Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, Dec 16, 2014 at 07:18:19PM -0500, Jaldhar H. Vyas wrote: On Wed, 17 Dec 2014, Santiago Vila wrote: But we can leave the whole business of creating SSL certificates to the end user, and at the *same* time avoid useless UCF prompts on upgrades. If 10-ssl.conf exists and disables

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Wed, 17 Dec 2014, Santiago Vila wrote: For umpteenth time: The file 10-ssl.conf does not have to be included in dovecot-core.deb! Try dpkg -S /root/.profile in your system. I've reopened this is as a wishlist. Right now I need to make sure a never version of dovecot than -6 gets into

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, 16 Dec 2014, Jaldhar H. Vyas wrote: reopen 773237 severity wishlist thanks Thanks for reopening, but policy says this: Packages should try to minimize the amount of prompting they need to do, and they should ensure that the user will only ever be asked each question

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Wed, Dec 17, 2014 at 06:40:55AM -0500, Jaldhar H. Vyas wrote: On Wed, 17 Dec 2014, Santiago Vila wrote: For umpteenth time: The file 10-ssl.conf does not have to be included in dovecot-core.deb! Try dpkg -S /root/.profile in your system. I've reopened this is as a wishlist.

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

Quoting policy: These two styles of configuration file handling must not be mixed, for that way lies madness: `dpkg' will ask about overwriting the file every time the package is upgraded. No it won't because after -6 the file will be managed by ucf. [...] You are right

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, 16 Dec 2014, Santiago Vila wrote: My objection is that policy says that the conffile mechanism is only appropriate for files having a default that may work for everybody, and the rationale is that if most people need to modify it, then most people will get prompted on upgrades over and

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, Dec 16, 2014 at 09:14:11AM -0500, Jaldhar H. Vyas wrote: On Tue, 16 Dec 2014, Santiago Vila wrote: My objection is that policy says that the conffile mechanism is only appropriate for files having a default that may work for everybody, and the rationale is that if most people need to

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, 16 Dec 2014, Santiago Vila wrote: The only way? That's simply *not* true! It is perfectly allowed *not* to ship a configuration file inside the .deb and instead create it in the postinst, only if it does not exist. Creating the relevant configuration in postinst is what was broken

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, Dec 16, 2014 at 04:49:18PM -0500, Jaldhar H. Vyas wrote: On Tue, 16 Dec 2014, Santiago Vila wrote: The only way? That's simply *not* true! It is perfectly allowed *not* to ship a configuration file inside the .deb and instead create it in the postinst, only if it does not exist.

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, 16 Dec 2014, Santiago Vila wrote: Creating the relevant configuration in postinst is what was broken in the first place. That's why I took it out. Bug number? References? Oh there have been various complaints about this or that use case for a long time. Unfortunately a lot of

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, Dec 16, 2014 at 06:10:29PM -0500, Jaldhar H. Vyas wrote: On Tue, 16 Dec 2014, Santiago Vila wrote: Creating the relevant configuration in postinst is what was broken in the first place. That's why I took it out. Bug number? References? Oh there have been various complaints

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, Dec 16, 2014 at 06:10:29PM -0500, Jaldhar H. Vyas wrote: [...] it is safest to leave the whole business to the end user [...] But we can leave the whole business of creating SSL certificates to the end user, and at the *same* time avoid useless UCF prompts on upgrades. You seem to imply

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Wed, 17 Dec 2014, Santiago Vila wrote: Sorry but I don't follow your line of reasoning. In those examples, the file 10-ssl.conf has SSL certificates by default. The point is that the code to do that was broken. But I'm not proposing that the default 10-ssl.conf has SSL enabled

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Wed, 17 Dec 2014, Santiago Vila wrote: But we can leave the whole business of creating SSL certificates to the end user, and at the *same* time avoid useless UCF prompts on upgrades. If 10-ssl.conf exists and disables SSL, then upgraders with a previously working SSL configuration will

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

On Tue, Dec 16, 2014 at 06:50:55PM -0500, Jaldhar H. Vyas wrote: On Wed, 17 Dec 2014, Santiago Vila wrote: So: Why can't dovecot-core create the *current* file (the one *not* having SSL enabled) in the postinst instead of using UCF? Please don't tell me that you already tried that, because you

Bug#773237: dovecot-core: Should not use UCF for 10-ssl.conf

reopen 773237 severity wishlist thanks On Wed, 17 Dec 2014, Santiago Vila wrote: That is quite easy indeed: * The file is not included in the package.deb. * The very first time the package is installed, the file is created from the default by postinst. * On upgrades, you do nothing at all