[Pkg-haproxy-maintainers] Bug#790871: Bug#790871: haproxy install should restart rsyslog

[Olav Morken]

On Fri, Jul 03, 2015 at 15:16:20 +0200, Vincent Bernat wrote:
>  ❦  3 juillet 2015 15:03 +0200, Olav Morken <olav.morken at uninett.no> :
> 
> >> I am afraid that triggering a restart from another postinst script will
> >> just pile up additional bugs.
> >
> > That's unfortunate, but understandable.
> >
> > I still think something should be done, but I don't have any good
> > suggestions. Mentioning it in documentation could work, but I wouldn't
> > expect people to read that when installing the package. Maybe at least
> > mention it in the relevant location in haproxy.cfg
> 
> Another solution would be for rsyslog to implement a trigger to detect
> new files in /etc/rsyslog.d and reload when this is the case.

You are thinking of a trigger that would run after package 
installation? If the maintainers of rsyslog are willing to implement 
that, it would certainly be a good solution, which I think many 
packages would find useful.

This command reveals a few other packages that drop files in 
/etc/rsyslog.d, and I would expect a few other of them would also have
a use for such a trigger:

    curl -sL http://httpredir.debian.org/debian/dists/jessie/main/Contents-amd64.gz | zgrep '^etc/rsyslog\.d'

> > An extreme solution would be to disable chroot by default, not
> > installing any files for rsyslog and logrotate, but leave a comment in
> > haproxy.cfg:
> 
> Enabling a less secure default installation by default doesn't seem a
> good idea for me.

I agree it isn't a good solution. I'm only mentioning it because I 
think it is the simplest solution to implement that wouldn't suprise 
the system administrator in any way.

There are many software packages that support running 
in a chroot where that isn't part of the default configuration, and I 
assume that in many cases the reason for that is that it requires the 
administrator to properly configure the chroot environment first.

--
Olav Morken
UNINETT