On Tuesday, February 12, 2019 10:21:04 AM CET Matwey V. Kornilov wrote:
12.02.2019 12:07, Adam Majer пишет:
On 2/11/19 3:29 PM, Thorsten Kukuk wrote:
And I think this is what Matwey was asking for: if the package get's installed, it should start automatically. We never do that for security and stability reasons.
Then maybe we need a compromise when it comes to this. Like requiring AppArmor profile before services can be autostarted? This would be a little clearer picture than current nebulous definition of what and what not qualifies.
The "never" is also actually "mostly". There are services that are auto-enabled as otherwise we would have bad user experience despite it being more secure.
https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines#Enabling_sys temd_unit_files epmd.socket is auto-enabled and always been so. Auto-enabling does not assumes auto-starting. So epmd.socket is active after the next reboot, but it is not active until then.
That is a very valid point. I want to add about the user experience topic that this is mostly related with the user expectations. When openSUSE install a new package that contains a systemd service file is not expected that the service is started. The reason is about the configuration file. Sometime the defaults are insecure, useless or simply wrong. Starting a service in those conditions will ruin completely the user experience. Is expected that the user can adjust the configuration file before she / he start the service. Even if is enabled by default. IMHO following the openSUSE guidelines about systemd services is helping the user experience. -- SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Dilip Upmanyu, Graham Norton, HRB 21284 (AG Nürnberg) Maxfeldstraße 5, 90409 Nürnberg, Germany -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org