On Tue, 2013-03-19 at 13:51 -0700, Sage Weil wrote: > On Tue, 19 Mar 2013, Dan Mick wrote: > > Is there a way out if you remove the keyrings? > > Yeah; you can use the keyring in the mon data dir to refetch any keyrings > you deleted from /etc/ceph/. But if packages are purged on mon as well... > I don't disagree with any of this discussion, BTW; I ask the question > because I want to understand what the packaging best-practices are before > we put our foot down for what is "right". Actually there are two methods to uninstall a package from the system. One is '-r' or '--remove' options of dpkg . As it's name and the manpage confirms: "Remove an installed package. -r or --remove remove everything _except conffiles_. This may avoid having to reconfigure the package if it is reinstalled later.". The second is '-P' or '--purge', which stands for '[...] removes everything, including conffiles.". Debian policy chapter 10 [1] writes about files and their handling. Its subchapter 10.7 [2] talks about configuration files. Their handling is expressed in subchapter 6.8 [3]. In short, if user asks to purge the package, then the keys have to be removed as well. If someone thinks about a reinstallation, s/he should use remove instead. To be safe, I see one option. On purge, a debconf message can be displayed notifying the user about the keys are going to be removed as well. Abort of purge or backup of keys can be offered, based on the choice. Hope this helps, Laszlo/GCS [1] http://www.debian.org/doc/debian-policy/ch-files.html [2] http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files [3] http://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#s-removedetails -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
