X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail-vb0-f54.google.com (mail-vb0-f54.google.com [209.85.212.54]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 21B9FDC0225 for ; Fri, 19 Oct 2012 07:47:28 +0000 (UTC) Received: by mail-vb0-f54.google.com with SMTP id v11so195412vbm.13 for ; Fri, 19 Oct 2012 00:47:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=C6F180/A2AmN9ap8+sGgKMiAS6QWOEvAuzpNILsQOug=; b=IK7rZTlulf/6fvdaZGwezpmqFhhTPExoV+08KtT6IWuddnSdqawn91Lb5Jfh3PbOI/ aXvDfO2ohJaPvBRtEYDtTArNu/6H7/ixB2OABp4hK3X3vZJrWSnU5V6I+JY3dGIAOKpm aZnx0bDf9yiux5iFrPVyhdfCbfcIO3krikLK40/R7pm4L9xPKRJ8lcBKLZ/wSqJikuW7 itYkrYITK0hnpEkJ0lSHBjvogXyJPREiMycU86jbBM7rKt08Epb/9IlpoCuyeQyBDjFe 0wKpXEZ2/Z8N6k7xYibqjScGHT7drAUvTGzsX7u9kAdolO89jXNfrQ5hWSImMKl5PsM+ 4WCg== X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Received: by 10.220.157.15 with SMTP id z15mr469717vcw.38.1350632848005; Fri, 19 Oct 2012 00:47:28 -0700 (PDT) Received: by 10.58.196.133 with HTTP; Fri, 19 Oct 2012 00:47:27 -0700 (PDT) Date: Fri, 19 Oct 2012 09:47:27 +0200 Message-ID: Subject: [alpine-devel] AWall Policy files From: Mika Havela To: alpine Content-Type: text/plain; charset=ISO-8859-1 Hi! Thanks for working on AWall! I have a question about where AWall Policy files are/should be saved. As I understand it, AWall will look for user-created Policy files in '/usr/share/awall/optional'. Technically it works fine. But when using AWall on Alpine that boots from read only media, you will need to add this additional step when configuring AWall lbu include /usr/share/awall/optional (If you have HDD installed Alpine you can skip the above step.) But /each/ time read only media (eg. USB,CD,CF,...) is used, you will need to remember to do the 'lbu inc...' step or you will loose your configs at next reboot. Most other packages in Alpine saves config-files in '/etc' and therefore 'lbu' takes care of these automatically without forcing user to run 'lbu inc'. If AWall would do the same (in addition to read Policy files from '/usr/share/awall/optional') then it might reduce situations when a user sets up AWall but loses their config at next reboot because they forgot to run 'lbu inc /usr/share/awall/optional'. My suggestion for improving AWall would be that we make AWall read for Policy files from: * /usr/share/awall/optional/ (as it already does) * /etc/awall/policy.d/ (or some other appropriate dir name that indicates that here are some Policies that could be enabled/activated) This way users could be directed to create their own policies in '/etc/awall/policy.d/' and as long as they run 'lbu ci' (which they would when running on read only media) then they will not lose anything. '/usr/share/awall/optional/' could be a path where 'apk' can store AWall policies that comes from some package(s). Might be AWall already has takes care about the 'lbu' issue mentioned above, in that case please direct me where user-specific configs should be stored (preferably somewhere in /etc/). These where just some thoughts about AWall improvements. <> --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---