On Tue, 5 Nov 2024 at 12:27, Till Wegmüller <toasterson@gmail.com> wrote:
> This file gets delivered in a working state by the package but as soon
> as you edit it, it will never be touched again by the package system. We
> can only destroy everyones edits by removing preserve=true attribute
> from the file or have this situation happen,
FWIW, there are at least two other options:
- only deliver new software that is compatible with the existing
configuration file (patch software as needed)
- deliver an SMF service that "upgrades" the configuration, where
it is mechanically possible to do so, prior to starting the service
Ultimately this is an OpenIndiana-specific issue, though, as we no
longer deliver SSH in illumos itself. Other distributions are
presumably making different decisions with respect to backwards
compatibility and upgrades, etc.
As those of us who lived through it will remember, the transition from SunSSH
to OpenSSH in OmniOS was fun. I remember having to push out a specially fixed
sshd_conf that worked (and satisfied our requirements) with the old and new ssh,
In Tribblix, I've traditionally unconditionally overwritten sshd_conf on update, but
recently switched over to retaining a modified version. Time will tell whether that
causes more problems than it solves.