Re: Fedora 32 System-Wide Change proposal: iptables-nft-default

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Kevin,

I just noticed we didn't finish discussing the package rename proposal
in related releng issue[1]:

On Wed, Oct 30, 2019 at 05:02:08PM -0400, Ben Cotton wrote:
[...]
> To change the status quo, two measures are planned:
> 
> === Raise priority of nft-variants in <code>alternatives</code> ===
> 
> Currently, legacy variants are installed with priority 10 and nft
> variants with priority 5. This must be changed as otherwise installing
> <code>iptables-legacy</code> in a system with
> <code>iptables-nft</code> installed would change the active
> alternative (since they are in automatic mode by default).
> 
> On the other hand, existing systems using legacy variants should not
> be changed by a system update. Therefore nft variants' priorities
> should be chosen to match legacy ones.
> 
> === Rename <code>iptables</code> package ===
> 
> New name should be <code>iptables-legacy</code> which aligns with
> ebtables and arptables and reflects upstream status. To resolve
> dependencies, <code>Provides: iptables</code> statement will be added
> to <code>iptables-nft</code> package. This should automatically change
> the default variant to nft.

My motivation for the rename is to abstract 'iptables' keyword other
packages depend upon if they need (an implementation of) iptables.

With matching Alternatives priorities, the first installed variant
package wins and with given lexical ordering, if both legacy and nft
variants are installed by default Alternatives will point at legacy.

I want to avoid this (and also avoid legacy being installed if not used)
by making sure a 'Requires: iptables' in any package may be satisfied by
iptables-nft package as well. If adding 'Provides: iptables' to the
latter is sufficient, that's fine with me.

If my assumptions are correct, I assume there is still a 'Suggests:
iptables-nft' required in an always installed package like
fedora-release, right? Also, which package would that be? I don't see
fedora-release package being used for these things.

Cheers, Phil

[1] https://pagure.io/releng/issue/8934
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux