On 2013-07-25 13:51:13 +0200, Arno Töll wrote: > On 25.07.2013 13:39, Vincent Lefevre wrote: > > If users are allowed to disable these modules in compliance with the > > policy, then you need to make sure that Apache still works in such a > > case (e.g. for a personal website that doesn't need these modules). > > The use of IfModule could be a solution. > > Try "apt-get remove bash" or "apt-get remove dpkg" and agree with the > scary warning and see what works thereafter (no, don't do it for real). > You will notice, you just broke your system badly without any safety net. > > The definition of an essential package is "do not remove it".
That's more: some policy requirements do not apply to them. > If you still do, it's your business to deal with the situation. Same > for these modules - however, I agree that we need to communicate > this more prominently (again, see #709461). So, for these modules, if you assume that they are like essential packages, I think it would be OK to reinstall them automatically if they are needed. In particular, if such modules have been disabled, it's probably more because of a bug than because the user removed them. And if there is a good reason to remove such a module (security, bloat, or whatever), then it should no longer be regarded as an essential module. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <http://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130725134403.gu16...@ioooi.vinc17.net
