Wouter Verhelst writes ("Re: Bug#904558: What should happen when maintscripts
fail to restart a service"):
> Perhaps the error handler should also be configurable by policy-rc.d, as
> I hinted to before.
I think this is a key point. We do not have to make a single decision
which everyone has to be happy with. We can instead continue to be
all things to all people.
I think the best answer would be:
* Individual maintainers decide for themselves whether to treat
service (re)start failure as postinst failure, based on their own
perception; maintainers may make different decisions for different
init systems.
* If the maintainer has no particular reason to diverge the right
answer is usually to fail the postinst with init systems that do
not provide service supervision; but to not fail the postinst with
ones that do. (I think from earlier messages that this is how the
default implementations already work.)
* The administrator should be able to override this policy question
globally for the whole system, or on a per-package basis.
This is probably a manageable amount of actual work: the prescription
for individual package sis roughly what they do right now.
The support for configuration in something like policy-rc.d has a few
design decisions to be made but doesn't seem really difficult. Also
nothing blocks on it. The TC would simply be saying "this would be a
good thing to have".
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
