On Mo, 11.12.23 11:10, DJ Delorie (dj@xxxxxxxxxx) wrote: > Lennart Poettering <mzerqung@xxxxxxxxxxx> writes: > > Well, as you might be aware many distributions these days do more than > > "files dns" for "hosts", and similar for the other databases, and > > hence a built-in default in glibc is great, but most distributions and > > image builders probably want to pick different defaults without having > > to patch glibc for this. > > I agree. My point was that (1) glibc has a built-in default, and (2) > most distros/users/installers customize it anyway, so storing a > "default" version anywhere other than /etc is not needed. This doesn't work though. Take Fedora for example. It supports a systemd feature called "DynamicUser=". If you turn that on for some service it will get a transient UID assigned the moment it is started and it's released again when it is stopped. It's a resonably popular feature. It requires that the "nss-systemd" modules is listed in nsswitch.conf. The glibc built-in default does not list "systemd" in its nsswitch.conf line though. On Fedora, the module is patched in via /etc/nsswitch.conf. But then you already lost, because now the distro default and the configuration the user made are all mixed up in a hairy ball and cannot be separated anymore. I don't think it's realistic to ask the glibc maintainers to change their built-in version of nsswitch.conf to always list systemd though (as that doesn't even make sense in many cases, i.e. when you run glibc inside a docker container without any systemd). Hence it makes sense to isolate this cleanly: 0. have upstream defaults built-in to the binaries, where this applies 1. have distro/OS image defaults in /usr/ 2. have user's own configuration in /etc/ That's a very clear separation of ownership, and means you can always very clearly trace back where a change comes from, and combine things flexibly in a multitude of ways without ever losing this concept of provenance. In systemd we have a tool "systemd-delta" which makes use of this separation of ownership, and allows you to diff local settings vs. distro/OS defaults. Lennart -- Lennart Poettering, Berlin -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
