Re: [Pkg-puppet-devel] Wheezy update of puppet?

To: debian-lts@lists.debian.org
Cc: Debian LTS <debian-lts@lists.debian.org>
Subject: Re: [Pkg-puppet-devel] Wheezy update of puppet?
From: Jens Korte <korte@mailbox.org>
Date: Tue, 27 Jun 2017 21:02:21 +0200
Message-id: <[🔎] 20170627210221.7a366bc9b36923c4429f99b1@mailbox.org>
In-reply-to: <[🔎] 87a84te0te.fsf@curie.anarc.at>
References: <20170521205352.GA773@inguza.net> <20170522204453.amyotrxfz56vsypl@marvin.dmesg.gr> <20170524095154.5ooj6inyeg643xas@marvin.dmesg.gr> <[🔎] 87shile8az.fsf@curie.anarc.at> <[🔎] 87mv8te5jv.fsf@curie.anarc.at> <[🔎] 20170627180807.kaq6hoe2vtzvabl6@bogon.m.sigxcpu.org> <[🔎] 20170627181733.4u4be5jtx5c4yzmu@marvin.dmesg.gr> <[🔎] 87a84te0te.fsf@curie.anarc.at>

On Tue, 27 Jun 2017 14:35:09 -0400
Antoine Beaupré <anarcat@orangeseeds.org> wrote:

> On 2017-06-27 21:17:33, Apollon Oikonomopoulos wrote:
> > On 20:08 Tue 27 Jun     , Guido Günther wrote:
> >> That sounds good to me especially if it's possible to toggle this so 
> >> one
> >> can e.g. first update all clients then disable accepting YAML on the
> >> server.
> >
> > My thoughts exactly, it will be great if there's a configuration option 
> > for turning off YAML.
> 
> Unfortunately, this is completely hardcoded in the source code, even in
> newer releases. I would think it unwise to allow such a configuration in
> wheezy since it would be ignored in later release.

How about introducing a second package that provides the same as puppet but without YAML? It would not break the configuration later on and people can choose to install the old package with higher security.

> 
> Basically, once you update the clients to the new version, you turn off
> YAML. :) PSON works with an unpatched server, so that's your
> "configuration option"...
> 
> A.
> 
> -- 
> If I can't dance, I don't want to be part of your revolution.
>                         - Emma Goldman
> 


-- 
Jens Korte <korte@mailbox.org>

Reply to:

Follow-Ups:
- Re: [Pkg-puppet-devel] Wheezy update of puppet?
  - From: Antoine Beaupré <anarcat@orangeseeds.org>

References:
- Re: [Pkg-puppet-devel] Wheezy update of puppet?
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: [Pkg-puppet-devel] Wheezy update of puppet?
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: [Pkg-puppet-devel] Wheezy update of puppet?
  - From: Guido Günther <agx@sigxcpu.org>
- Re: [Pkg-puppet-devel] Wheezy update of puppet?
  - From: Apollon Oikonomopoulos <apoikos@debian.org>
- Re: [Pkg-puppet-devel] Wheezy update of puppet?
  - From: Antoine Beaupré <anarcat@orangeseeds.org>

Prev by Date: Re: [Pkg-puppet-devel] Wheezy update of puppet?
Next by Date: Re: [Pkg-puppet-devel] Wheezy update of puppet?
Previous by thread: Re: [Pkg-puppet-devel] Wheezy update of puppet?
Next by thread: Re: [Pkg-puppet-devel] Wheezy update of puppet?
Index(es):
- Date
- Thread