TurnKey Linux's take on Ubuntu appliance development: KISS

Soren Hansen soren at ubuntu.com
Mon Jan 4 14:47:35 GMT 2010 

On Wed, Dec 23, 2009 at 12:27:32PM +0200, Liraz Siri wrote:
>>> Also, merging is already a problem even when we simply manually edit
>>> the config files. I see that as a limitation of the packaging
>>> system, and it happens whenever one tries to upgrade/dist-upgrade a
>>> heavily customized system. Some packages are already much smarter in
>>> this regard than others (for instance, it's a long time since I have
>>> any trouble with Apache2) - but others always give me trouble.
>> This is exactly the sort of problem that will be exacerbated by
>> scripts or whatnot going around editing conffiles. One thing is being
>> reminded of changes you've manually made to a conffile with a text
>> editor when you're doing an upgrade. It's quite a different situation
>> if a script has made changes to a bunch of files and you then have to
>> make a decision about whether you want to keep the patched version of
>> the new one from the updated package. You have no way to answer this
>> question properly, because you a) didn't make the change yourself and
>> b) likely don't understand the motivation behind the specific change,
>> since that's exactly the sort of things that such scripts (or webmin
>> or whatever) are meant to /hide/ from you.
> Are you implying we should attempt to *force* everyone to learn
> configuration file formats and tweak everything by hand? 

Not at all?

If a package upgrade includes a change to a conffile (a configuration
file managed by dpkg) compared to the version installed by the old
version of the package, and you have made changes to said conffile, you
will be prompted about these changes. If, however, something else (e.g.
webmin) has made these changes on your behalf, you will be prompted
about changes you have not made to a conffile you likely have never
heard of. I'm just saying that this is not acceptable, which is a major
reason why webmin is not supported in Debian and Ubuntu, because this is
/exactly/ what webmin does /all the time/.

> You can do that if you like, Webmin doesn't change anything unless you
> ask it to.

Webmin attempts to abstract the details of configuration file formats
away, providing a simplified interface to make changes to system
configuration (rather than make changes to configuration /files/). A
user who makes changes in webmin will generally not know which
configuration files are affected nor what is changed in them, and any
prompts about these changes will be nonsense. When prompted, the user
will then likely either keep the existing contents of the conffile
(missing out on the changes in the updated package (which may or may not
be security related)), or accept the new, updated conffile and hence
lose the customisations they've done through webmin.

> If package upgrades assume users are tweaking configuration formats
> with Vim (my favorite) rather than a higher-level tool, perhaps we
> need to figure out how to fix that.

Exactly.

> Frankly, I don't understand anti-Webmin sentiment in Debian and Ubuntu.
> It's always seemed kind of elitist to me.

I hope this clears it up a bit.

-- 
Soren Hansen                 | 
Lead virtualisation engineer | Ubuntu Server Team
Canonical Ltd.               | http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20100104/a4fb1c0b/attachment-0001.pgp

More information about the ubuntu-devel mailing list