On 6/12/11 6:15 PM, Roberto C. Sánchez wrote: > On Sun, Jun 12, 2011 at 06:02:19PM -0700, Tom Eastep wrote: >> >> - On a fresh installation, it is preferable to omit the deprecated >> options. During an upgrade, however, we want to keep those options - >> especially if they have a non-default value. >> >> Today, I modified both the 4.4.20 and 4.4.21 branches to omit the >> deprecated options from the .conf files (Shorewall, Shorewall6 and >> their samples). >> >> - I'm particularly uncomfortable with the idea of modifying users' >> configurations during an upgrade. I prefer to make it an optional >> post-installation step initiated by the user. > > This fits with my idea of a sensible way of handling this. From the > Debian packaging side, if shorewall.conf contains local modifications, > any changes in the shorewall.conf shipped with the package must be > dealt with by the admin on upgrade. In the event that there is no > interactive terminal attached, the default is to keep the old > configuration unmodified and save the packages new default configuration > file alongside.
Agreed. And the environment where there is no interactive terminal attached makes me nervous about modifying the user's configuration. > > Incidentally, for users of unstable, these sorts of things tend to come > along in bite-sized pieces. Also agreed. I suspect that if Mr Dash Four ran Debian, he would not have developed these scripts since the Debian upgrade process would have made the differences between his config and the new one explicit (if he chose to examine those differences). > However, when doing a dist-upgrade from one stable release to another > there are lots of changes. For that reason I try to avoid > gratiutious changes to configuration files. The dist-upgrade scenario is the one that makes me most nervous about modifying the user's configuration. Because the user's configuration can be several years out of date with respect to the version being installed. > > What I plan to do, though, is to ship the config file without the > deprecated options. The Debian package upgrade process will make it > relatively painless for the admin to deal with the change. If the admin > chooses to do nothing then things should continue to work with the older > configuration file. Exactly. Thanks, Roberto -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
