On Tue, May 24, 2016, at 13:03, Ansgar Burchardt wrote: > On Tue, 2016-05-24 at 11:43 -0300, Henrique de Moraes Holschuh wrote: > > On Tue, May 24, 2016, at 10:01, Simon McVittie wrote: > > > On Tue, 24 May 2016 at 09:08:11 -0300, Henrique de Moraes Holschuh > > > wrote: > > > > Whatever we do, we absolutely must bring up a fully configured > > > > loopback > > > > interface by default. > > > Happily, our default init system already does that. > > We need to ensure any non-default ones also do that before we drop > > ifupdown from "recommends", because ifupdown + default > > /etc/network/interfaces is the fallback that ensures the loopback > > will be up. > > We are not talking about removing "ifupdown" from the default > installation which includes all "Priority: important" packages (which > happens to include both netbase and ifupdown). > > The only installations affected are debootstrap's "minbase" and > "buildd" variants: these only install "Priority: required" packages and > select extra packages (apt and, for buildd, build-essential). These > would no longer pull in "ifupdown" if "netbase" is installed.
As far as I am concerned, ensuring the "master namespace" loopback is configured and up is actually required behavior and it should be enforced by something stronger than "priority important" packages being installed. Systemd got this right. So, yes, I do think it would be best were it done by something in the initscripts package, since systemd is already doing it by itself as well. Also, it is "probably not ok" (as in I fully expect we will end up with people filling severity critical bugs should we do otherwise) to allow ifupdown (and likely netbase) to get uninstalled anywhere it was automatically installed, unless we ensure something else will take up their job. This is not even related to configuring the loopback, but rather to /etc/network/interfaces processing, as well as /etc/services. People sometimes trigger firewall setup and other supplementary network-related setup using the loopback entry in /etc/network/interfaces, because it is guaranteed to happen at the exactly the right time during boot and fully serialized with other interface bring-up. And people do configure network services using names from /etc/services instead of hard-coding port numbers (sometimes by not specifying a port number in the first place, and the service/daemon/application using the IANA-assigned service *name* in that case to look up the port number). That said, I don't expect this to be a real problem right now, but it is something to keep in mind. Obviously, it is not going to be an issue for new installs, but it could be for the next stable upgrade. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique de Moraes Holschuh <h...@debian.org>
