On Fri 2018-11-02 18:27:55 -0500, Reuben Martin wrote:
> All this discussion about service management kinda misses the
> point. You're swapping out a kernel module. There will always be
> risk. Changing service management procedures won't mitigate that. If
> you do not have a means to connect outside of the VPN connection, and
> the module (or service) fail, you're SOL.
I think you're saying that such a migration is complicated,
idiosyncratic, and might fail -- so we should automate it and let the
admin pick up the pieces if it breaks.
I think i agree that it's complicated, idiosyncratic, and might fail --
by my conclusion is that we *shouldn't* automate it on behalf of the
local admin, but rather let them plan their own migration. *shrug*
Again, if you have a suggestion for how to reduce the risk, i'm all
ears, but i'm not about to encourage automated breakage in the package
management.
--dkg
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
