2020-10-24
Why configuration file snippets in a directory should have some extension
After a great deal of painful experience with the combination of local configuration tweaks and vendor upgrades, many systems and people have adopted an approach of splitting monolithic configuration files apart into multiple snippets that sit in a directory. One of the latest I've run into is Fedora with sshd configuration, which is especially relevant to me because I've been customizing mine for years (and carefully re-merging my customizations after various upgrades). However, there is an important thing to bear in mind when setting up such a system.
When you do this split and support including snippets from a directory, you should always require that the snippets have a specific extension, conventionally .conf, instead of just accepting any old file there. A big reason for this is that many Linux packaging systems may wind up creating or leaving oddly named files there when a package is added, upgraded, or removed under the right circumstances; for example, RPM (used on Red Hat Enterprise Linux among others) can create <something>.rpmnew and .rpmsave files. These variously created files should not be treated as live configuration snippets.
(Similarly, some systems for automatically modifying files will leave backup versions of the file around with some extension like .bak. You can usually turn this off, but you have to remember to do so; mistakes are inevitable.)
Requiring a specific extension also makes it easier to temporarily deactivate a snippet (just rename it to add a suffix on the extension), put in a README file to explain what you're doing, and so on.
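To make the difference concrete, here is an added example (not code from this entry or from OpenSSH) of a snippet loader that requires the .conf extension, next to one that accepts any file. The directory contents, the toy "Key value" parser, the first-value-wins merge (the rule sshd_config uses) and the skipping of dotfiles (as a shell *.conf glob would) are assumptions made for the illustration.

```python
import os
import tempfile

def classify_snippets(directory, suffix=".conf"):
    """Return (active, ignored): active names load in sorted order."""
    active, ignored = [], []
    for name in sorted(os.listdir(directory)):
        if name.startswith("."):
            ignored.append((name, "hidden file"))  # e.g. editor lock files
        elif not name.endswith(suffix):
            ignored.append((name, "wrong extension"))
        else:
            active.append(name)
    return active, ignored

def load_settings(directory, names):
    """Merge 'Key value' lines; the first value seen for a key wins."""
    settings = {}
    for name in names:
        with open(os.path.join(directory, name)) as fh:
            for line in fh:
                key, _, value = line.strip().partition(" ")
                if key and not key.startswith("#"):
                    settings.setdefault(key, value.strip())
    return settings

# Constructed sample directory contents (hypothetical names and values).
SAMPLE = {
    "05-old.conf.rpmsave": "PasswordAuthentication yes\n",
    "10-local.conf": "PasswordAuthentication no\n",
    "10-local.conf.bak": "PasswordAuthentication yes\n",
    "50-vendor.conf": "PermitRootLogin no\n",
    "50-vendor.conf.rpmnew": "PermitRootLogin prohibit-password\n",
    "README": "# Local overrides live here.\n",
    ".#10-local.conf": "",
}

def demo():
    with tempfile.TemporaryDirectory() as d:
        for name, body in SAMPLE.items():
            with open(os.path.join(d, name), "w") as fh:
                fh.write(body)
        active, ignored = classify_snippets(d)
        strict = load_settings(d, active)
        naive = load_settings(d, sorted(SAMPLE))  # "accept any file" loader
    return active, ignored, strict, naive

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

With the extension requirement only the two real snippets are read; without it, the stale .rpmsave file sorts first and its PasswordAuthentication value becomes the effective one.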
Other methods of marking which snippets should be active don't cooperate as well with common package managers and generally aren't as obvious. If you're writing or modifying local software, you may not care about package managers (although you never know, you may want to put your software in one someday), but there's value in the other advantages of requiring an extension, and other things on your systems are probably already working this way.
(Fedora's modification of their sshd_config to move it to being modified through snippets in /etc/ssh/sshd_config.d unsurprisingly requires all of the snippets to have a .conf extension.)
PS: This may be a standard new OpenSSH thing, since Ubuntu has it as well, and thus presumably Debian too. If anything Fedora is late to this party.