On Sun, Jun 12, 2011 at 06:02:19PM -0700, Tom Eastep wrote: > > - On a fresh installation, it is preferable to omit the deprecated > options. During an upgrade, however, we want to keep those options - > especially if they have a non-default value. > > Today, I modified both the 4.4.20 and 4.4.21 branches to omit the > deprecated options from the .conf files (Shorewall, Shorewall6 and > their samples). > > - I'm particularly uncomfortable with the idea of modifying users' > configurations during an upgrade. I prefer to make it an optional > post-installation step initiated by the user. > Tom,
This fits with my idea of a sensible way of handling this. From the Debian packaging side, if shorewall.conf contains local modifications, any changes in the shorewall.conf shipped with the package must be dealt with by the admin on upgrade. In the event that there is no interactive terminal attached, the default is to keep the old configuration unmodified and save the packages new default configuration file alongside. Incidentally, for users of unstable, these sorts of things tend to come along in bite-sized pieces. However, when doing a dist-upgrade from one stable release to another there are lots of changes. For that reason I try to avoid gratiutious changes to configuration files. What I plan to do, though, is to ship the config file without the deprecated options. The Debian package upgrade process will make it relatively painless for the admin to deal with the change. If the admin chooses to do nothing then things should continue to work with the older configuration file. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
