Re: Add vendor configuration directory installation

[Bruno Haible]

> On 2023-02-06 08:30, Valentin Lefebvre wrote:
> >      This patch add a new autoconf argument that allows installation
> > into the vendor configuration directory (/usr/etc/). Some linux
> > distribution now move system configuration files from /etc to /usr/etc.
> > See this ref: [0]....
> 
> > [0]https://0pointer.net/blog/projects/stateless.html

I think that the proposed patch
  * is a wrong means to a right goal,
  * worse, invites packages to (perhaps inadvertently) restrict user freedom.

In detail:

From [0] and [1] I understand that the goal is:
  * to have configuration created by the OS vendor under /usr/etc,
    inside the read-only and possibly cryptographically secured /usr
    hierarchy,
  * to have configuration created by the administrator (user) under /etc,
  * to have, in the code, a mechanism by which the configuration in /etc
    overrides the configuration in /usr/etc. (At which level — the entire
    configuration, or by file, or by configuration element — is not clear,
    but is not relevant here.)

So, a package's "make install" goal should only ever install in *one*
of these two directories, namely
  - in /usr/etc when the build is done on behalf of a distro,
  - in $(prefix)/etc when the build is done on behalf of a user,
never in /etc.

The proposed patch "gives the opportunity for a project to install in both
location /etc and /usr/etc in same time".[1]

This is not good because
  - Installing in /usr/etc should be sufficient if the override mechanism
    has been implemented.
  - [PB2] Installing something in /etc would overwrite the administrator's
    choices.
  - [PB3] It invites the package's authors to look up certain files in /etc
    (which is against one of the goals from [0] to be able to have a
    system with an empty /etc) and other files in /usr/etc (which takes
    away the freedom from the administrator to override the configuration,
    if he can't write in /usr).

The better solution is that:
  - Packages install their configuration in $(sysconfdir). This is easily
    done through Automake [2].
  - Distributors use --prefix=/usr and don't specify --sysconfdir, because
    its default value $(prefix)/etc is already appropriate.
  - Packages define a configure option for the /etc directory, e.g.
      --enable-etcdir=/etc
    through Autoconf [3].
  - Packages implement the said override mechanism, looking first in
    ETCDIR and then in SYSCONFDIR.

If we were to make it easy for packages to install in /etc, in addition to
$(prefix)/etc, the problems PB2 and PB3 mentioned above are likely to occur.

Bruno

[0] https://0pointer.net/blog/projects/stateless.html
[1] https://lists.gnu.org/archive/html/autoconf-patches/2023-02/msg00007.html
[2] 
https://www.gnu.org/software/automake/manual/html_node/Hard_002dCoded-Install-Paths.html
[3] 
https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.71/html_node/Package-Options.html