What | Removed | Added |
---|---|---|
Flags | needinfo?(jsegitz@suse.com) |
In a packaged script you can add more defensive logic easily without having to bloat the rather large %post section further. One idea would be to add a flag that indicates that the script already ran and not go through the logic again. If the circumstances ever change (e.g. the ntp keys are moved into a directory owned by an unprivileged user) that would limit the impact of the root escalation to fresh installations, not to every ntp package update. It's just a suggestion at this point. The current logic is safe, I'm just worried that this might change over time.