Henrique de Moraes Holschuh <h...@debian.org> writes:
> On Tue, May 24, 2016, at 13:03, Ansgar Burchardt wrote:
>> On Tue, 2016-05-24 at 11:43 -0300, Henrique de Moraes Holschuh wrote:
>> > On Tue, May 24, 2016, at 10:01, Simon McVittie wrote:
>> > > On Tue, 24 May 2016 at 09:08:11 -0300, Henrique de Moraes Holschuh
>> > > wrote:
>> > > > Whatever we do, we absolutely must bring up a fully configured
>> > > > loopback interface by default.
>> > > Happily, our default init system already does that.
>> > We need to ensure any non-default ones also do that before we drop
>> > ifupdown from "recommends", because ifupdown + default
>> > /etc/network/interfaces is the fallback that ensures the loopback
>> > will be up.
>>
>> We are not talking about removing "ifupdown" from the default
>> installation which includes all "Priority: important" packages (which
>> happens to include both netbase and ifupdown).
>>
>> The only installations affected are debootstrap's "minbase" and
>> "buildd" variants: these only install "Priority: required" packages and
>> select extra packages (apt and, for buildd, build-essential). These
>> would no longer pull in "ifupdown" if "netbase" is installed.
>
> As far as I am concerned, ensuring the "master namespace" loopback is
> configured and up is actually required behavior and it should be
> enforced by something stronger than "priority important" packages being
> installed. Systemd got this right.

I note that systemd is one of those "priority important" packages ;)

I have to admit though that "init" is still[1] at "Priority: required"
and depends on the lower-priority "systemd" package (a policy violation
that makes life much easier and sane).

[1] <https://bugs.debian.org/824991>

> So, yes, I do think it would be best were it done by something in the
> initscripts package, since systemd is already doing it by itself as
> well.

That might be useful in either case to make sure "lo" gets set up early.
That would remove one subtle difference between systemd and sysvinit.

> Also, it is "probably not ok" (as in I fully expect we will end up with
> people filing severity critical bugs should we do otherwise) to allow
> ifupdown (and likely netbase) to get uninstalled anywhere it was
> automatically installed, unless we ensure something else will take up
> their job. This is not even related to configuring the loopback, but
> rather to /etc/network/interfaces processing, as well as /etc/services.

I'm not sure why "netbase" should be uninstalled anywhere if we remove
the "Recommends: ifupdown" from "netbase"?

Also all "Priority: important" packages installed by the default
installation should be marked as manually installed as far as I
remember.

I guess if you use the "minbase" or "buildd" variants, install "netbase"
and "ifupdown" only as a recommended package, then apt might suggest to
remove the no-longer recommended package. I guess you mean this by
"automatically removed" even though it only happens by admin request as
far as I remember?

If you include other reasons for "automatically removed", like for
example running dist-upgrade and not checking what will be removed,
there are many other packages that could be removed and break
networking/firewall hooks. (And "Recommends: ifupdown" will likely not
prevent that sort of removal for "ifupdown" anyway.)

Ansgar