FS#45462 - [iptables] Move /var/lib/iptables/empty* to /usr/share/iptables/
Attached to Project:
Arch Linux
Opened by Janusz Lewandowski (LEW21) - Wednesday, 24 June 2015, 21:36 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:22 GMT
Opened by Janusz Lewandowski (LEW21) - Wednesday, 24 June 2015, 21:36 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:22 GMT
|
Details
According to the Filesystem Hierarchy Standard, /var/lib is
used for variable state information, and /usr/share is for
shareable, read-only, architecture-independent data.
/var/lib/iptables/empty* aren't ever modified by the system,
and are used to reset iptables to the empty state. Therefore
/usr/share seems to be a better place for them.
Also, it would move Arch closer to supporting volatile systems according to http://0pointer.net/blog/projects/stateless.html BTW, it might be worth it to also move /etc/iptables/{empty,simple_firewall}.rules to /usr/share/iptables, as they aren't used as config by default, so there is no reason for them to be in /etc. This way all the package files would be in /usr. In case you decide not to move them, then probably backup=('/etc/iptables/empty.rules' '/etc/iptables/simple_firewall.rules') should be added to the PKGBUILD, so they'll be subject to the pacnew/pacsave system. |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:22 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/iptables/issues/2
Saturday, 25 November 2023, 20:22 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/iptables/issues/2
Comment by
Buggy McBugFace (bugbot) - Tuesday,
08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2
years. Please reply if you still experience this bug otherwise
this issue will be closed after 1 month.