Move /var/lib/iptables/empty* to /usr/share/iptables/
Task Info (Flyspray) | |
---|---|
Opened By | Janusz Lewandowski (LEW21) |
Task ID | 45462 |
Type | Feature Request |
Project | Arch Linux |
Category | Packages: Core |
Version | None |
OS | All |
Opened | 2015-06-24 21:36:35 UTC |
Status | Assigned |
Assignee | Felix Yan (felixonmars) |
Details
According to the Filesystem Hierarchy Standard, /var/lib is used for variable state information, and /usr/share is for shareable, read-only, architecture-independent data. /var/lib/iptables/empty* aren't ever modified by the system, and are used to reset iptables to the empty state. Therefore /usr/share seems to be a better place for them.
Also, it would move Arch closer to supporting volatile systems according to http://0pointer.net/blog/projects/stateless.html
BTW, it might be worth it to also move /etc/iptables/{empty,simple_firewall}.rules to /usr/share/iptables, as they aren't used as config by default, so there is no reason for them to be in /etc. This way all the package files would be in /usr. In case you decide not to move them, then probably backup=('/etc/iptables/empty.rules' '/etc/iptables/simple_firewall.rules') should be added to the PKGBUILD, so they'll be subject to the pacnew/pacsave system.