I added CC to two more people who might be interested in what we are
discussing. I have also incorporated the suggestions you made and made a
second candidate patch, attached.
On 2/10/23 04:00, Bruno Haible wrote:
Jason Sikes wrote:
You are correct that the
configuration files should only go in one directory when done on behalf
of a distribution.
OK, this removes my biggest worry.
* worse, invites packages to (perhaps inadvertently) restrict user freedom.
Restricting user freedom is certainly not the intent of this proposal.
As a hacker and programmer, this is not something I am interested in for
my own personal use. If I was an admin of a system where security is
important, then, yes, I would be considering this.
Sorry for the misunderstanding: I meant that the distro would take away
freedom from the admin user (by making /usr read-only). The admin user
can control the non-privileged user anyway; there's no change in that area.
Anyway, you've blown away this worry.
And again, I apologize for the confusion.
- Distributors use --prefix=/usr and don't specify --sysconfdir, because
its default value $(prefix)/etc is already appropriate.
My understanding of the "prefix" option is that it for building
something that installs in the case that system rules prohibit
installing in root.
The --prefix option is also meant for use by root. --prefix=/usr makes
sense when the /usr partition is writable. --prefix=/usr in combination
with "make install DESTDIR=/tmp/staging" also makes sense when the /usr
partition is read-only and there are some other means for transferring
the contents of /tmp/staging/usr to /usr. (Whether this can trigger
warnings by future invocations of the package manager apt / rpm / dnf / ...
is an independent consideration.)
And I stand corrected. I just checked a few of the builds that I did
recently, and we indeed use "--prefix=/usr" in our configure step of
building an RPM.
Now I know.
Another big reason we don't use "prefix" is that we (packagers) already
have macros that determine where various files should go
Sure, if a packager has other means to collect the artifacts, a
"make install" step that depends on a --prefix option is not needed.
- Packages define a configure option for the /etc directory, e.g.
--enable-etcdir=/etc
through Autoconf [3].
Yes, and what we are proposing is that this option (by a different name)
will be included in Autoconf so that developers don't have to add it
manually.
The proposed patch [1] does more than that. Especially the documentation
change suggests that it's OK for the "make install" step to install files
in both /usr/etc and /etc. As you clarified above, this is not what is
desired.
The configure --help output and/or the documentation should state that
- "make install" will install into SYSCONFDIR,
- but the package will read from ETCDIR and then from SYSCONFDIR.
You are correct. We will fix that. Our goal is to move all the
configuration files in packages that we provide over to /usr/etc, and
have programs look for configuration files in both /etc and /usr/etc.
[4] "sysconfdir" and "distconfdir" are what we use in SUSE packaging to
point to /etc and /usr/etc respectively. So I used them for this
proposal. The problem is that their meanings are different, and their
actual usage is swapped. So that was a terrible idea.
Yes, we can't change the meaning of "sysconfdir" (as a directory to
install into) or its name, so many years after it was introduced.
Might I suggest:
* RWCONFDIR,
* ALTCONFDIR, or
* ADMCONFDIR?
ADMINCONFDIR sounds good to me. I.e. the option's name would be
--adminconfdir.
Ha! That was what I actually originally came up with, but it didn't line
up with the other two options so I shortened it.
I guess that's two people who vote for it.
ALTCONFDIR is too much from the perspective of the vendor. From the
perspective of the administrator, /etc is the primary and /usr/etc
is the alternate configuration directory.
RWCONFDIR can be misunderstood because
- on some systems, both /usr/etc and /etc will be writable by root,
- non-privileged users cannot write in either location.
The documentation then should make clear that
- the package is then supposed to make the value of the --adminconfdir
option available to the program by defining a C macro ADMINCONFDIR:
E.g. in packages that use Automake:
AM_CPPFLAGS += -DADMINCONFDIR=\"$(adminconfdir)\"
- the package's code is then supposed to read from that location,
- but the package should not install any files into $(adminconfdir).
How many packages will likely make use of this facility? Just systemd,
PAM, and D-BUS [1]? In my machine's /etc, I see roughly 200 configurations.
So, are we talking about a few packages or several hundreds?
We are in the process of moving all of the packages that use /etc over
to /usr/etc. However, lots of packages that use /etc depend on other
packages that also use /etc, but we can't move them all at once.
--Again, thank you so much,
--Jason
Bruno
[0]https://0pointer.net/blog/projects/stateless.html
[1]https://lists.gnu.org/archive/html/autoconf-patches/2023-02/msg00007.html
[2]https://www.gnu.org/software/automake/manual/html_node/Hard_002dCoded-Install-Paths.html
[3]https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.71/html_node/Package-Options.html
diff --git a/doc/autoconf.texi b/doc/autoconf.texi
index 7b42dd6..21f467c 100644
--- a/doc/autoconf.texi
+++ b/doc/autoconf.texi
@@ -2992,6 +2992,12 @@ The directory for installing modifiable architecture-independent data.
The directory for installing read-only single-machine data.
@end defvar
+@defvar adminconfdir
+@ovindex adminconfdir
+The directory for reading administrator-provided single-machine data in
+systems where @code{sysconfdir} could be read-only.
+@end defvar
+
Most of these variables have values that rely on @code{prefix} or
@code{exec_prefix}. It is deliberate that the directory output
@@ -27274,7 +27280,7 @@ introduced in this document.
@c LocalWords: Systemology Checkpointing Changequote INTERCAL changequote dfn
@c LocalWords: Quadrigraphs builtins Shellology acconfig Bugward LIBOBJ Imake
@c LocalWords: LIBOBJS IFELSE cindex flushright Pinard Metaconfig uref Simons
-@c LocalWords: distclean uninstall noindent versioning Tromey dir vr
+@c LocalWords: distclean uninstall noindent versioning Tromey dir vr adminconfdir
@c LocalWords: SAMS samp aclocal acsite underquoted emph itemx prepend SUBST
@c LocalWords: evindex automake Gettext autopoint gettext symlink libtoolize
@c LocalWords: defmac INIT tarname ovindex cvindex BUGREPORT PREREQ asis PROG
diff --git a/doc/make-stds.texi b/doc/make-stds.texi
index b0745a8..d5e993e 100644
--- a/doc/make-stds.texi
+++ b/doc/make-stds.texi
@@ -504,6 +504,26 @@ files that are modified in the normal course of their use (programs
whose purpose is to change the configuration of the system excluded).
Those probably belong in @file{$(localstatedir)}.
+@item adminconfdir
+This directory is not meant for installation. Administrators of systems
+where @samp{sysconfdir} is in a read-only filesystem can copy the files
+to @samp{adminconfdir} and edit them.
+
+
+
+Programs that rely on configuration files should look for them in
+@samp{adminconfdir} before looking in @samp{sysconfdir}. These programs
+should also make the value of the --adminconfdir option available to the
+program by defining a C macro ADMINCONFDIR:
+
+E.g. in packages that use Automake:
+
+AM_CPPFLAGS += -DADMINCONFDIR=\"$(adminconfdir)\"
+
+This directory should normally be @file{/etc}, but write it as
+@file{$(prefix)/etc}. (If you are using Autoconf, write it as
+@samp{@@adminconfdir@@}.)
+
@item sharedstatedir
The directory for installing architecture-independent data files which
the programs modify while they run. This should normally be
diff --git a/doc/standards.texi b/doc/standards.texi
index e5ae3cb..04cd0ef 100644
--- a/doc/standards.texi
+++ b/doc/standards.texi
@@ -4239,7 +4239,7 @@ corresponding to most of the standard directory variables
@example
--prefix --exec-prefix --bindir --sbindir --libexecdir --sysconfdir
---sharedstatedir --localstatedir --runstatedir
+--adminconfdir --sharedstatedir --localstatedir --runstatedir
--libdir --includedir --oldincludedir
--datarootdir --datadir --infodir --localedir --mandir --docdir
--htmldir --dvidir --pdfdir --psdir
diff --git a/lib/autoconf/general.m4 b/lib/autoconf/general.m4
index 053130b..5a9ffc3 100644
--- a/lib/autoconf/general.m4
+++ b/lib/autoconf/general.m4
@@ -600,6 +600,7 @@ AC_SUBST([libexecdir], ['${exec_prefix}/libexec'])dnl
AC_SUBST([datarootdir], ['${prefix}/share'])dnl
AC_SUBST([datadir], ['${datarootdir}'])dnl
AC_SUBST([sysconfdir], ['${prefix}/etc'])dnl
+AC_SUBST([adminconfdir], ['${prefix}/etc'])dnl
AC_SUBST([sharedstatedir], ['${prefix}/com'])dnl
AC_SUBST([localstatedir], ['${prefix}/var'])dnl
AC_SUBST([runstatedir], ['${localstatedir}/run'])dnl
@@ -870,6 +871,13 @@ do
| --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
sysconfdir=$ac_optarg ;;
+ -adminconfdir | --adminconfdir | --adminconfdi | --adminconfd | --adminconf \
+ | --admincon | --adminco | --adminc | --admin | --admi | --adm)
+ ac_prev=adminconfdir ;;
+ -adminconfdir=* | --adminconfdir=* | --adminconfdi=* | --adminconfd=* | --adminconf=* \
+ | --admincon=* | --adminco=* | --adminc=* | --admin=* | --admi=* | --adm=*)
+ adminconfdir=$ac_optarg ;;
+
-target | --target | --targe | --targ | --tar | --ta | --t)
ac_prev=target_alias ;;
-target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
@@ -945,7 +953,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir runstatedir
+ libdir localedir mandir runstatedir adminconfdir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1080,6 +1088,8 @@ Fine tuning of the installation directories:
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
+ --adminconfdir=DIR alternate configuration directory [PREFIX/etc]
+ installer should not place files here!
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
