summaryrefslogtreecommitdiff
path: root/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn
blob: 1463ebdd772808b986a2d77bacd4de2667653e35 (plain)

[[meta title="debian packaging postinst script clobbers gpg.conf settings in /var/lib/monkeysphere" ]]

Do we want to allow the system administrator to make adjustments to the gpg.conf config files found in /var/lib/monkeysphere? At the moment, there are two such files:

  • /var/lib/monkeysphere/gnupg-authentication/gpg.conf
  • /var/lib/monkeysphere/gnupg-host/gpg.conf

In the debian postinst scripts (debian/monkeysphere.postinst), the contents of those files are overwritten on every upgrade/reinstall, effectively clobbering any changes made by the local admin.

Maybe we do want to do this clobbering, though. Stuff in /var is generally not expected to be modified by hand. I see two possible resolutions to this:

  • when we clobber those files, include a comment along the lines of:

    do not make changes to this file! It is overwritten on each upgrade!

  • Avoid clobbering the files, and treat them as config files.

the latter approach suggests that they should be more properly stored in /etc/, though. This would give us all the conf-file tracking apparatus, which is nice. If we do want to do that, I guess we'd symlink to them from the monkeysphere-specific $GNUPGHOMEs in /var/lib/monkeysphere, since gpg does not seem to allow for overriding the location of the gpg.conf independent of $GNUPGHOME.


All the gpg.conf files now reside in /etc/monkeysphere, and are linked in into the GNUPGHOMEs in /var/lib/monkeysphere.

[[bugs/done]] on 2008-10-11