From ea7020f13b3354625b3ffecf6c53a63cc047971d Mon Sep 17 00:00:00 2001
From: HuijingHei <hhei@redhat.com>
Date: Thu, 24 Oct 2024 15:09:54 +0800
Subject: [PATCH] alternatives: update doc to use the usual `alternatives`
 commands

See https://github.com/coreos/fedora-coreos-tracker/issues/677#issuecomment-2429223322
---
 modules/ROOT/pages/alternatives.adoc | 50 +++++++++++-----------------
 1 file changed, 19 insertions(+), 31 deletions(-)

diff --git a/modules/ROOT/pages/alternatives.adoc b/modules/ROOT/pages/alternatives.adoc
index d281be92..26c69df9 100644
--- a/modules/ROOT/pages/alternatives.adoc
+++ b/modules/ROOT/pages/alternatives.adoc
@@ -1,37 +1,25 @@
 = Setting alternatives
 
-Due to an https://github.com/fedora-sysv/chkconfig/issues/9[ongoing issue] in how alternatives configurations are stored on the system, Fedora CoreOS systems can not use the usual `alternatives` commands to configure them.
+Now Fedora CoreOS systems can use the usual `alternatives` commands to configure the default command, as https://github.com/fedora-sysv/chkconfig/issues/9[issue] is fixed.
 
-Instead, until this issue is resolved, you can set the symlinks directly in `/etc/alternatives`. For example, to use the legacy-based variants of the `iptables` commands:
+For example, to use the iptables-nft variants of the `iptables` commands:
 
-[source,yaml,subs="attributes"]
+[source,bash,subs="attributes"]
 ----
-variant: fcos
-version: {butane-latest-stable-spec}
-storage:
-  links:
-    - path: /etc/alternatives/iptables
-      target: /usr/sbin/iptables-legacy
-      overwrite: true
-      hard: false
-    - path: /etc/alternatives/iptables-restore
-      target: /usr/sbin/iptables-legacy-restore
-      overwrite: true
-      hard: false
-    - path: /etc/alternatives/iptables-save
-      target: /usr/sbin/iptables-legacy-save
-      overwrite: true
-      hard: false
-    - path: /etc/alternatives/ip6tables
-      target: /usr/sbin/ip6tables-legacy
-      overwrite: true
-      hard: false
-    - path: /etc/alternatives/ip6tables-restore
-      target: /usr/sbin/ip6tables-legacy-restore
-      overwrite: true
-      hard: false
-    - path: /etc/alternatives/ip6tables-save
-      target: /usr/sbin/ip6tables-legacy-save
-      overwrite: true
-      hard: false
+# Check iptables points to iptables-legacy
+sudo alternatives --display iptables
+
+# Update iptables to use the nft implementation
+pfx=/usr/sbin/iptables
+pfx6=/usr/sbin/ip6tables
+sudo alternatives --install ${pfx} iptables ${pfx}-nft 15 \
+  --slave ${pfx6} ip6tables ${pfx6}-nft \
+  --slave ${pfx}-restore iptables-restore ${pfx}-nft-restore \
+  --slave ${pfx}-save iptables-save ${pfx}-nft-save \
+  --slave ${pfx6}-restore ip6tables-restore ${pfx6}-nft-restore \
+  --slave ${pfx6}-save ip6tables-save ${pfx6}-nft-save
+sudo alternatives --auto iptables
+
+# Check iptables points to iptables-nft
+sudo alternatives --display iptables
 ----