On 2/6/20 9:41 AM, Daniel Baumann wrote:
> On 2/6/20 4:10 AM, Richard Laager wrote:
>> That's been my interpretation too. My expectation as a sysadmin is that
>> /srv is available for my _exclusive_ use.
>
> in the case of vsftp and tftpd-hpa, there's a debconf question asking
> the admin for the location of these directories, for which /srv/{t,}ftp
> are the default values.
>
> or in other words: I agree with you that /srv shall not to be touched
> without consent from the admin.That's a very interesting point! I hadn't considered the difference between a fixed default and a debconf default. FWIW, at $DAYJOB, our stance is to accept all debconf defaults (e.g. use "hit enter at every prompt" or use noninteractive mode) and then configure after / on top of that (via debconf or not). So to me, in practice, debconf defaulting to /srv/tftp is the same as not having a debconf prompt and making it a fixed default. I understand that's not the same in theory, where a reasonable argument can be made that the admin accepting the debconf prompt is giving their permission. In terms of these particular packages, I'm not using vsftp and I'm using tftpd-hpa with its default of /srv/tftp. I don't have strong feeling abouts debconf-default vs fixed-default, so I probably don't have much to add further. -- Richard
signature.asc
Description: OpenPGP digital signature
