On Mon, Aug 12, 2024 at 9:21 AM Iker Pedrosa <ipedrosa@xxxxxxxxxx> wrote: > > Hi, > > Recently, pam_radius released a new version and with it changed the location of the config file everywhere, giving us the opportunity to align with upstream and remove all our downstream-only patches. > > During the package update I would like to move the config file from its current location (/etc/pam_radius.conf) to the new one (/etc/pam_radius_auth.con). Do you know if there is an easy way to do that? I mean, apart from writing a bash script in the spec file? > Ouch, this is going to be a problem for a number of reasons. 1. If you just change the path, you're going to drop the new default config file in place and leave the old one orphaned. Users will have their config reverted to the default configuration silently. 2. Existing config-management tools such as Ansible, puppet, etc. are going to keep trying to place the config in the old (wrong) place. So even if you script a move of the current config file location to the new location, if they're using tools to put it in place, they won't have the right effect. 3. There's an ongoing soft effort to avoid putting default config files in /etc as part of an attempt to make it possible to do a "factory reset". Is it possible to patch pam_radius to check multiple locations? In an ideal world, it would check /etc/pam_radius.conf, then /etc/pam_radius_auth.conf and finally /usr/lib/pam_radius/pam_radius_auth.conf (stopping when it finds the right file). We could then loudly announce the deprecation of the old location to be removed in F42 or F43. If that's not possible, you probably need to file a Change[1] for F42 to notify people early and loudly that the location will be changing. I don't think it makes sense to try to automate upgrading to this new location on the packaging side. It would be more possible if it was part of a regular system service; we have tricks we can use for that[2]. But since PAM doesn't run a daemon or anything else that necessitates a systemd unit, we have no place to hook in an upgrade script. [1] https://docs.fedoraproject.org/en-US/program_management/changes_policy/ [2] https://src.fedoraproject.org/rpms/nfs-utils/blob/f32/f/nfs-convert.service -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
