What is policy about auto-editing config files on port install / deinstall?
Oleg Moskalenko
oleg.moskalenko at citrix.com
Thu Jan 3 22:14:20 UTC 2013
So, what is the general recommended policy on the network services ports in regard to /etc/rc.conf file ? If I install a port that creates a service "foodbank", then which choice is better:
1) "Automatically" edit /etc/rc.conf in the port installation script to include the line:
foodbank_enable="YES",
or:
2) Display a message to the user like "you must edit /etc/rc.conf to add line foodbank=YES file" ?
The same question applies to the port de-installation.
Thanks !
Oleg
> -----Original Message-----
> From: owner-freebsd-ports at freebsd.org [mailto:owner-freebsd-
> ports at freebsd.org] On Behalf Of Miroslav Lachman
> Sent: Thursday, January 03, 2013 1:49 PM
> To: Scot Hetzel
> Cc: freebsd-ports at freebsd.org
> Subject: Re: What is policy about auto-editing config files on port install /
> deinstall?
>
> Scot Hetzel wrote:
> > On Wed, Jan 2, 2013 at 2:37 PM, Miroslav Lachman<000.fbsd at quip.cz> wrote:
> >> Is somewhere written policy or portmgr recommendation about ports
> >> behavior on install / deinstall?
> >> I am talking about some ports doing "nasty" things.
> >>
> >> Some ports are stopping services on deinstall, some not.
> >
> > I prefer that when a port is uninstalled, that the service is stopped.
> > If it isn't stopped, it could pose a security risk to the system at a
> > later time.
>
> Only if it will be optional. I am "the god in my world (my system)" and I should
> know better than anybody else if I need to stop the daemon at any time.
>
> The maintainer of any port can't know all the dependencies on my system and
> my workflow with updating ports.
> Somebody can consider stopping (or restarting) Apache on upgrade as "good
> thing", but it can be just a small piece of bigger upgrade process with lot of
> dependencies like Apache modules, PHP, PHP extensions and libraries used by
> both Apache and PHP extensions. So if for example Apache is upgraded and it
> will made upgrade of PCRE with different library version number, then restart of
> Apache will fail on PHP not loading missing old PCRE library.
> So the Apache should be restarted after upgrade of all the modules and libraries,
> not after upgrade of it self.
>
> > We still need to come up with a way of restarting the service after
> > the upgrade. Currently, it has to be done manually to start the
> > service.
> >
> >> Some ports are editing "my config files" on deinstall, so even on
> >> upgrade procedure I must check if port did some changes before I can
> >> restart target daemon.
> >>
> > Most ports don't edit the config files as they install the original
> > config file to a different name.
> >
> >> For example some Apache modules (mod_bw, mod_xsendfile...) are
> >> commenting out load_module lines in httpd.conf so I got syntax error
> >> on Apache restart after upgrade of mentioned module and Apache failed to
> start.
> >>
> > Apache 2.x is an exception, as the installation of a Apache module
> > requires apachectl to add/re-enable the module in the httpd.conf file.
> > Upon deinstallation, apachectl is used to disable the module in the
> > httpd.conf file. It doesn't remove the LoadModule directive, it just
> > adds a '#" sign in front of it. When the port is re-installed, all
> > apachectl has to do is remove the '#' sign. A restart of Apache
> > should then load the module again.
> >
> > What errors are you getting when re-installing an Apache module?
>
> Apache modules are not enabled by default. I am talking about 3rd party
> modules. In some cases, they do nothing with httpd.conf, in other cases, they
> are adding commented line and I must manualy uncomment this line, so it is my
> will to have this module loaded / enabled.
>
> But upgrade or reinstall or deinstall of this module causes commenting this line
> out. It is undesirable.
> If I enable this module and this module will be updated 10 times a year, why am I
> forced to re-enable it 10 times again?
>
> Real world example follows:
>
> root at spare ~/# uname -srmi
> FreeBSD 8.3-RC2 amd64 GENERIC
>
> ___________________________________________________
> Only Apache is installed, no 3rd party modules
>
> root at spare ~/# pkg_info -E ap22\* apache22-\*
> apache22-2.2.23_4
>
> ___________________________________________________
> Copy the config file for later comparision
>
> root at spare ~/# cp -P /usr/local/etc/apache22/httpd.conf httpd.conf.orig
>
> ___________________________________________________
> Install mod_xsendfile
>
> root at spare ~/# portmaster www/mod_xsendfile
>
> ===>>> Installation of www/mod_xsendfile (ap22-mod_xsendfile-0.12_2)
> complete
>
> ___________________________________________________
> There is commented LoadModule line after install added to httpd.conf
>
> root at spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
> --- httpd.conf.orig 2013-01-03 12:56:22.000000000 +0100
> +++ /usr/local/etc/apache22/httpd.conf 2013-01-03 21:25:03.000000000
> +++ +0100
> @@ -75,4 +75,5 @@
> LoadModule rewrite_module libexec/apache22/mod_rewrite.so
> LoadModule php5_module libexec/apache22/libphp5.so
> +#LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
>
> ___________________________________________________
> I must manually uncomment the line (which is OK, I don't need to modules be
> auto enabled as services are not enabled in rc.conf)
>
> root at spare ~/# vi /usr/local/etc/apache22/httpd.conf
>
> LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
>
> ___________________________________________________
> Then I added some configuration to VirtualHost
>
> root at spare ~/# vi
> /usr/local/etc/apache22/vhosts/available/www.example.com.conf
>
> XSendFile on
> XSendFilePath /vol0/web/test
>
> ___________________________________________________
> Diff shows that module is enabled
>
> root at spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
> --- httpd.conf.orig 2013-01-03 12:56:22.000000000 +0100
> +++ /usr/local/etc/apache22/httpd.conf 2013-01-03 21:26:46.000000000
> +++ +0100
> @@ -75,4 +75,5 @@
> LoadModule rewrite_module libexec/apache22/mod_rewrite.so
> LoadModule php5_module libexec/apache22/libphp5.so
> +LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
>
> ___________________________________________________
> Syntax check
>
> root at spare ~/# httpd -t
> Syntax OK
>
> ___________________________________________________
> Reinstallation of the module (same as upgrading)
>
> root at spare ~/# portmaster ap22-mod_xsendfile-0.12_2
>
> ===>>> Creating a backup package for old version ap22-mod_xsendfile-0.12_2
> ===>>> Package saved to /usr/ports/packages/portmaster-backup
>
> Don't forget to remove all mod_xsendfile-related directives in your httpd.conf
>
> ===> Installing for ap22-mod_xsendfile-0.12_2
> ===> Generating temporary packing list
> ===> Checking if www/mod_xsendfile already installed
> /usr/local/share/apache22/build/instdso.sh
> SH_LIBTOOL='/usr/local/share/apr/build-1/libtool'
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/mod_xsendfile.la
> /usr/local/libexec/apache22
> /usr/local/share/apr/build-1/libtool --mode=install cp
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-0.12/mod_xsendfile.la
> /usr/local/libexec/apache22/
> libtool: install: cp
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-
> 0.12/.libs/mod_xsendfile.so
> /usr/local/libexec/apache22/mod_xsendfile.so
> libtool: install: cp
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-
> 0.12/.libs/mod_xsendfile.lai
> /usr/local/libexec/apache22/mod_xsendfile.la
> libtool: install: cp
> /usr/ports/www/mod_xsendfile/work/mod_xsendfile-
> 0.12/.libs/mod_xsendfile.a
> /usr/local/libexec/apache22/mod_xsendfile.a
> libtool: install: chmod 644 /usr/local/libexec/apache22/mod_xsendfile.a
> libtool: install: ranlib /usr/local/libexec/apache22/mod_xsendfile.a
> chmod 755 /usr/local/libexec/apache22/mod_xsendfile.so
> [preparing module `xsendfile' in /usr/local/etc/apache22/httpd.conf]
> ===> Registering installation for ap22-mod_xsendfile-0.12_2
>
> ===>>> Creating a package for new version ap22-mod_xsendfile-0.12_2
> ===>>> Package saved to /usr/ports/packages/All
>
> ===>>> Re-installation of ap22-mod_xsendfile-0.12_2 complete
>
>
> ___________________________________________________
> And there is a problem - syntax error, because module was disabled (commented
> out on deinstall) and some directives remained in VirtualHost definition - Apache
> will not start!
>
> root at spare ~/# httpd -t
> Syntax error on line 57 of
> /usr/local/etc/apache22/vhosts/available/www.example.com.conf:
> Invalid command 'XSendFile', perhaps misspelled or defined by a module not
> included in the server configuration
>
> ___________________________________________________
> Diff shows commented out line
>
> root at spare ~/# diff -U 2 httpd.conf.orig /usr/local/etc/apache22/httpd.conf
> --- httpd.conf.orig 2013-01-03 12:56:22.000000000 +0100
> +++ /usr/local/etc/apache22/httpd.conf 2013-01-03 21:32:26.000000000
> +++ +0100
> @@ -75,4 +75,5 @@
> LoadModule rewrite_module libexec/apache22/mod_rewrite.so
> LoadModule php5_module libexec/apache22/libphp5.so
> +#LoadModule xsendfile_module libexec/apache22/mod_xsendfile.so
>
> ___________________________________________________
>
> I think this behavior is wrong.
>
> Why am I forced to manualy re-enable all 3rd party modules on each upgrade?
>
> Modules should not disable something that is explicitly enabled by user / system
> administrator.
>
>
> Miroslav Lachman
>
> PS: I know about deinstall message "Don't forget to remove all
> mod_xsendfile-related directives in your httpd.conf" but it can be
> considered as maintainer's "joke" in case of module upgrade
> _______________________________________________
> freebsd-ports at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"
More information about the freebsd-ports
mailing list