What to do when upstream breaks configuration

Stephen Gallagher sgallagh at redhat.com
Mon Jan 10 13:02:16 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One of my packages (ReviewBoard) just released a point update that makes
a problematic change for installed instances.

Specifically, they identified an issue with ReviewBoard running on
mod_wsgi that requires that an option (WSGIPassAuthorization) be added
and that the WSGIScriptAlias be updated.

It's only an issue for currently-installed sites, not for new sites
created by the site-installer.

This point release includes a large number of bug fixes (some fairly
serious), so I don't want to skip supporting it in released Fedora, but
at the same time I'm not sure how to communicate to users that if they
update to this version, it may break their configuration without manual
intervention.

As a caveat, this is a project that always requires at least some manual
intervention on upgrade, as individual sites need to have an upgrade
script run on them. So end-users are used to taking some action.
Unfortunately, upstream did not include this configuration change into
the upgrade script (mostly because the location of this configuration
file isn't guaranteed on all platforms) so it will require an additional
step by the users.

So what would be the correct way to approach this? I'm not sure if
making a note about it in the updates description is sufficient (since
this is a server tool and I assume 99% of end-users will be updating
this with yum, not the PackageKit GUI). At the same time, some of the
bugfixes here are very important, so as mentioned above, I don't want to
leave it to a future Fedora. (Which furthermore wouldn't necessarily
help if users have puppet-managed configurations that they'd try to port
forward).

- -- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk0rA1gACgkQeiVVYja6o6MsFgCfUlc1d11yjiYU3sUIf+t7OoDu
h70An1SD3G9h5nu1QO4kiPMv87TFUHub
=j8lQ
-----END PGP SIGNATURE-----

More information about the devel mailing list