Hi,
> On 31. May 2021, at 11:44, nia <nia%NetBSD.org@localhost> wrote:
>
> On Mon, May 31, 2021 at 10:14:18AM +0200, Pierre Pronchery wrote:
>>
>>> On 31. May 2021, at 09:07, nia <nia%NetBSD.org@localhost> wrote:
>>>
>>> On Sun, May 30, 2021 at 11:41:05PM +0000, Pierre Pronchery wrote:
>>>> Log Message:
>>>> Introduce a new SYSCONFBASE variable (defaults to /etc)
>>>
>>> I'm not sure I like this change -- it's confusing paired with
>>> SYSCONFDIR. The status quo is that pkgsrc doesn't modify anything
>>> outside of its own PREFIX, so on NetBSD the expectation is that you
>>> copy the rc script to /etc yourself, possibly with local changes.
>>
>>
>> The aim here is not to copy anything automatically; that behaviour is unaffected.
>>
>> On the contrary, this allows (unprivileged) builds to expect RC scripts in e.g. $PREFIX/etc/rc.d instead of always /etc/rc.d, and to use them from there. rc.subr gets installed there instead of
>> going in /etc, therefore allowing pkgsrc's RC scripts to be used in unprivileged mode.
>> There is already a PKG_SYSCONFBASE for packages, so SYSCONFBASE is the same for the base system.
>>
>> This requires every RC script to be updated, with e.g. s,/etc/rc.subr,@SYSCONFBASE@/rc.subr,.
>> I have tested this with OpenLDAP (slapd), PostgreSQL (with s,su -m pgsql,sh,), nginx, php-fpm, dovecot, and more.
>> Updating them is part 3 of the changes, and I will go one by one to be sure they work.
>>
>> The only danger that I can think of at this point is that now, pkgtools/rc.subr can be built and installed in privileged mode on NetBSD; this would probably overwrite the system's /etc/rc.subr. It
>> might make sense to have this package only allow builds on NetBSD in unprivileged mode and with SYSCONFBASE not set to /etc.
>
> OK, thanks. Is it useful to have as an argument in the bootstrap script
> or is it the case that it will always be:
>
> /etc/rc.d - on NetBSD
> ${PKG_SYSCONFIDIR}/rc.d - on everything else
I’ve been wondering about this, and my initial patch did not add the argument.
I think it does make sense to have it, because with pkgtools/rc.subr we now support installing rc.subr somewhere else than /etc, which can be useful on many platforms outside of NetBSD.
One such scenario could be on OpenBSD, where the local administrator/integrator wants nothing in /etc from pkgsrc, even in privileged mode; our default (and only way) before my changes was /etc. Now
RC scripts could be expected to work in this scenario, without touching the base system, regardless of the bootstrap being privileged or not.
HTH,
--
khorben
Attachment:
signature.asc
Description: Message signed with OpenPGP