[apparmor] Cache update broken

Tue Aug 7 20:34:28 UTC 2012

Hello,

John, thanks for honoring the golden rules of bad programming in your 
patch! I'm especially talking about rule 18 - "take great care in 
setting bad defaults" ;-)

Am Dienstag, 7. August 2012 schrieb Seth Arnold:
> I expect --clear-cache-if-needed to be the default set in the config
> file 

Let me ask a simple question: Can you give me a good reason _not_ to 
automatically clear the cache if .features differs, and to keep an 
outdated cache? [1]

IMHO most people want their cache updated automatically, and it doesn't 
make much sense to force everybody to add --clear-cache-if-needed to the 
initscript or the config file.

Can we please make it the default _without_ the need for an additional 
parameter or config option?

If you really want, feel free to introduce a 
    --never-clear-cache-automatically
parrameter / config file option - but I doubt many people will use it 
;-)

> -- redundant for ubuntu but also a chance to bring both
> initscripts together again -- at least for this feature.

I don't know the history and background why there are separate 
initscripts (pointers welcome), but I'm a big fan of avoiding duplicate 
work (especially if I have to maintain the duplicate ;-))

> A direct --clear-cache would just be a debugging tool for admins, and
> rarely used (hopefully) at that.

Indeed. It might be a nice feature, but I'd give it a low priority [2].
The avarage admin most probably knows how to delete all files in a 
directory ;-)

Regards,

Christian Boltz

[1] oh, now I remember: 
        rule 22 - "invent new ways to make your program slow" 
    ;-)

[2] aa-enable is more important IMHO because it needs to
    a) delete a symlink
    b) load the profile
-- 
Ich selbst benutze kweather nicht (ich guck einfach aus dem Fenster).
[Hartmut Meyer in suse-linux]