ufw

Comment 1 for bug 728128

Jamie Strandboge (jdstrand) wrote : Re: ufw user.rules should be stored in /etc to allow tracking by package 'etckeeper'

Thank you for using ufw and reporting a bug. I understand where you are coming from with regard to backups and the desire to have the files in /etc. The user*.rules files are not intended to be modified by a person, but instead by the ufw CLI command. /lib is not the perfect place, but it is the best place considering practicality and the FHS shortcomings. See http://www.pathname.com/fhs/pub/fhs-2.3.html.

Specifically, the user*.rules files are considered 'state' files and not 'configuration' files, and according to the FHS, the proper place is actually in /var ("State information is data that programs modify while they run, and that pertains to one specific host. Users must never need to modify files in /var/lib to configure a package's operation"). Indeed, this is where ufw originally stored the user*.rules, but alas this can't be done due to bug #400208. ufw starts extremely early in the boot process, way before /var is mounted. /etc could make sense, and I thought about putting it there, but this would likely lead to misconfiguration and these files much more fit the definition of state files anyway. Which leaves the imperfect '/lib'. The title of the section in the FHS is 'Essential shared libraries and kernel modules'. That certainly doesn't sound right, but reading the description of 'The /lib directory contains those shared library images needed to boot the system and run the commands in the root filesystem, ie. by binaries in /bin and /sbin'. That sounds more like what we need. udev was looked at as a precedent, though admittedly it uses static text files as opposed to the more volatile ufw user*.rules files.

In short, the rationale is:
a) the user*.rules are state files, not configuration files
b) user*.rules should be in /var, but cannot due to when ufw is started during system boot
c) user*.rules shouldn't be in /etc because they are state files, and if they were there people could easily break ufw when modifying them by hand
d) user*.rules are put in /lib because this addresses a-c and because the files are needed to bring up the system

I don't particularly like the files in /lib with the current specification, but the FHS doesn't currently address situations where you need state files in the early boot process.