On Sun, 2005-04-24 at 01:14 -1000, Warren Togami wrote:
> Now that we have moved a bunch of packages' keys or certs from somewhere
> in /usr to somewhere in /etc, shouldn't we also modify those packages'
> %post to conditionally auto-migrate those keys/certs? Without
> auto-migration there will undoubtedly be many complaints and bug reports
> from people who upgrade like "FC4 broke SSL foo!"
>
> Conditional auto-migration would need to be carefully implemented and
> tested because it can be complicated. For example in some cases it
> would need to perform string-replacement in config files to point at the
> new key/cert location.
>
> In other cases it would *copy* keys/certs to new locations, but only if
> old location contains custom (non-packaged) keys/certs, and the new
> location does NOT contain custom files (files deposited prior to %post
> by the package update). How the heck would this be implemented (you may
> NOT run rpm during %post)? Is there any simpler algorithm that does the
> right thing?

This is effectively what I implemented in the two packages (cyrus-imapd,
dovecot) I updated, albeit a bit simpler. The %post checks if a key file
exists in the old location but not the new location. If so it moves the
key file(s) to the new location. Then %post continues to do what it always
did: check for a key file in the canonical location, and if it does not
exist, generate a generic key. This does not attempt to identify if the key
was a custom key; however, I don't think that matters, we only care if a
key was in use in the old location.

However, what can screw up, and I'm not really sure if there is a solution
to this or not, is the %config(noreplace) file attribute on the config file
that has the key location in it. When the new rpm installs it comes with a
config file that has been updated with the new location. However, if that
file has been modified it's not going to be replaced and there is going to
be a mismatch. If the file has not been modified then everything works.

I did test the key migration in the packages I own and, modulo prior
editing of the config file by the user, it seems to do what you want.
Other than release notes or adding something to /usr/doc/<package> I'm not
sure how to handle the modified config file case. Suggestions? We could
edit the config file that was preserved but I think that might be
considered evil.

> After things are copied, it would need to check/correct file permissions
> to make sure things are safe.
>
> In any case I'm convinced that auto-migration needs to happen, it will
> just be painful to implement correctly. First step is listing which
> packages need to be modified in this way?

I believe:

cyrus-imapd
dovecot
httpd
postfix (maybe?)

--
John Dennis <jdennis@xxxxxxxxxx>