Russ Allbery wrote: >The last time I looked at this (which was several years ago), diverting >conffiles had enough problems that it was tempting to just say that it >didn't work reliably. I wonder if we should explicitly recommend against >diverting conffiles, or if some of those problems have been cleaned up.
I've deployed the package I was building when I stumbled upon this in the meantime and haven't met any problems. However, this is just a tiny config package (it boils down to supplying some custom run.d snippets for molly-guard and replacing /etc/molly-guard/rc with a customized version). >Some Debian sites, such as (IIRC) MIT, have extensive local infrastructure >based on diverted conffiles and have run into all sorts of weird edge >cases with them. I've been using custom-build *-config packages for quite some time now, as our current infrastructure makes this the easiest way to ship basic configs to our systems (in fact it is nearly a no-brainer this way) and have not run into problems until now (at least not that I'd remember). This might be the first time I've had to divert an existing conffile, however, As Adam pointed out, this usage seems to be in violation of section 10.7.4 of the DPM, which I hadn't noticed. (Thanks for pointing this out to me.) Perhaps a pointer to this section should be added to Appendix G, to alert people arriving there via Google et al (like I did)? Greetings from Stuttgart, =ToJe= -- Torsten Jerzembeck * Oberschlesische Str. 61 * D-70374 Stuttgart Exil-Westfale * PGP: B74DB58D * MIME welcome * Generation Tux * ><o(((°>
signature.asc
Description: Digital signature