netbsd-bugs: bin/5498: /etc/dhclient-script is clobbered by 'make install'

Subject: bin/5498: /etc/dhclient-script is clobbered by 'make install'
To: None <gnats-bugs@gnats.netbsd.org>
From: None <cgd@NetBSD.ORG>
List: netbsd-bugs
Date: 05/27/1998 00:45:34
>Number:         5498
>Category:       bin
>Synopsis:       /etc/dhclient-script is clobbered by 'make install'
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue May 26 17:50:01 1998
>Last-Modified:
>Originator:     Chris G. Demetriou
>Organization:
Kernel Hackers 'r' Us
>Release:        NetBSD-current as of May 22, 1998
>Environment:
System: NetBSD brick.int.demetriou.com 1.3E NetBSD 1.3E (BRICK) #80: Fri May 22 12:06:43 PDT 1998 cgd@brick.int.demetriou.com:/usr/src/sys/arch/i386/compile/BRICK i386


>Description:
	'make install' in src/usr.sbin/dhcp/client clobbers
	/etc/dhclient-script.

	Presumably, the dhclient-script manual page includes the text:

	"This script is not meant to be customized by the end user."

	to excuse that behaviour, but that's not a valid excuse for
	several reasons.

	First, as noted in the dhclient-script manual page itself, the
	script may not work on particular versions of particular
	operating systems.  That is, a local change to the OS may require
	a local change to dhclient-script, and clobbering it without
	warning isn't particularly nice.

	Second, even on systems where the standard dhclient-script is
	supposed to work, it may be buggy (see PR 4807).  It's bad to
	clobber people's bug fixes without warning.

	Third, even though the author of the DHCP code thinks that the
	script shouldn't be modified by end users, the users might
	have other ideas.  For instance, I have added code to the
	dhclient-script on my laptop that disables dhclient and the
	interface, when the DHCP attempts fail (i.e. the script is
	invoked with "FAIL" as the state), to save battery power when
	not connected to a network.  It's bad to clobber people's
	improvements without warning.

	Fourth and finally, as noted in hier(7), /etc is for
	"system configuration files and scripts."  In other words,
	/etc is for things the user can modify to configure their system.
	Programs (including scripts) run by other programs belong in
	/usr/libexec or elsewhere.

	So, in a nutshell, it's wrong for src/usr.sbin/dhcp/client to
	overwrite /etc/dhclient-script.  There's no reason to do it,
	it violates the principle of least surprise, and it can cause
	the user a serious headache if they don't quickly realize what
	went wrong.
	
>How-To-Repeat:
	Modify /etc/dhclient-script.  cd into src/usr.sbin/dhcp/client,
	make install.  Note that your mods to /etc/dhclient-script were
	vaporized.  Scratch your head.

>Fix:
	"Don't do that."  In order of preference, either:

	(1) install the script as /etc/dhclient-script _only_ when doing
	    a 'make distribution' from src/etc.

	(2) install the script as an example, in /usr/share, and tell
	    people to clone it from there.

	(3) install the script as /etc/dhclient-script.proto, and tell
	    people to copy it from there and modify it as appropriate.

	(4) install the script in /usr/libexec, and modify the manual
	    pages to indicate that dhclient.conf should point at it there.

	Really, only (1) and (2) are 'good', but (3) and (4) are less
	broken than what's done now.
>Audit-Trail:
>Unformatted: