- From: Daniel DeLeo <
>
- To: Andrea Campi <
>
- Cc: Bryan McLellan <
>,
- Subject: [chef-dev] Re: Re: CHEF-2880 debian policy and service provider
- Date: Thu, 9 Feb 2012 08:16:53 -0800
On Thursday, February 9, 2012 at 12:11 AM, Andrea Campi wrote:
>
On Wed, Feb 8, 2012 at 10:12 PM, Bryan McLellan
>
<
>
>
(mailto:
)>
>
wrote:
>
> The argument is that, if you ask Chef to do something and it cannot,
>
> it should fail. Or you shouldn't ask it to try. But we usually trust
>
> the underlying system, if there is a bug, perhaps it is in invoke-rc.d
>
> lying to us unless we use --disclose-deny. In any case, it isn't as if
>
> we're going to start running ps after a service resource action to
>
> verify if it worked or not.
>
>
>
>
Yes :)
>
>
Beyond this specific instance, I think the principle you outlined is
>
sane: Chef shouldn't try to do what you mean, as more often than not
>
it would violate POLA.
>
A warning can and will be ignored, and may lead to unexpected consequences.
>
A failure on the other hand requires the user to pay attention and
>
either fix the underlying systems, or adapt the cookbook.
>
>
Andrea
I'm of this opinion as well. I think that in this case you've created an
inconsistency between how the system is configured and what you're asking
chef to do, so the best option is to fail and let the admin either fix the
policy or the recipe.
--
Dan DeLeo
Archive powered by MHonArc 2.6.16.