Re: update-inetd

To: debian-devel@lists.debian.org
Subject: Re: update-inetd
From: Klaus Ethgen <Klaus@Ethgen.de>
Date: Sun, 14 Jan 2007 14:31:31 +0100
Message-id: <[🔎] 20070114133131.GA31911@ikki>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 87zm8nok3c.fsf@hardknott.home>
References: <[🔎] sa43b6imgkq.fsf@margay.local> <[🔎] 87y7o9diif.fsf@informatik.uni-tuebingen.de> <[🔎] 87k5ztnrca.fsf@hardknott.home> <[🔎] 20070112164750.GA16410@ikki> <[🔎] 87zm8nok3c.fsf@hardknott.home>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hi,

Am Sa den 13. Jan 2007 um  1:18 schrieb Roger Leigh:
> > c) update-inetd should default to creating none unless explicitly told
> >    to. This has the advantage of staying secure if a dau admin install a
> >    package accidentally.
> 
> This would not square with the current practice of defaulting to a
> secure but functional service when you install a package.  If you
> didn't want to run it, you wouldn't install it.  The admin always has
> the option of commenting it out.

Well, but it would be the way a daemon has to work. As admin I do never
like to have a deamon enabled before I configure it properly. And some
packages install a server as dependencies. (Sure, this is a bug.)

> I've been exposed to using Fedora recently, which takes the approach
> you suggest of requiring explicit enabling of *everything*, and it's a

I do not see the point. Fedora do enable everything what is needed to
run the system. All deamons which are not needed essentially are
disabled by default. (Other think is the strange dependencies in RedHats
Fedora.)

> complete pain.  Trying to discover the thing to tweak to get a daemon
> to work is rather annoying; intentionally "crippling" a package by
> default is not IMO the way to go.

Hmm. I don't think so. It is easy to do a "update-inetd --enable
whatever". Moreover in my eyes the functionality should be the same if
inetd or xinetd is uses (like RedHats chkconfig do).

And the mess is at the moment there is no way of NOT to install any
superserver at all. There is software you don't want to run as deamon
but having dependencies for inetd or (better) update-inetd. And there
are also packages arround NOT having dependencies for update-inetd but
using it in postinst and/or prerm.

Wishes
   Klaus Ethgen
- -- 
Klaus Ethgen                            http://www.ethgen.de/
pub  2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE  EA 40 30 57 3C 88 26 2B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRaows5+OKpjRpO3lAQJqiwf/X5nQUpFao4n6RBS/j25mxN9+q/BebaV/
VzEImKvzRMzuPgunQHzy0B9MgaS5AzaIOlZ7+nLcXwG4AI92iCFExMS/2kpcmOy2
MoqGXldoqbP31/e4w8nHOa4O7u22Ra4k/i023rGeXlzlFhy/8yFvVVVxJFvr5+3D
HZ7MvNvqEcO/+SSf0KJa7Dvyd3h6K1wUs+qqeO8OUeF6jx2ex9SjkfRi2wY2aKoD
k8YrayEbxJCJ0CG8sYwD6cglG2DeVglRENTGvmzuc+gxFWXkbvDpevBXSOo0QP8d
GENiopWj5UyOYOen0RU6Ay3pPv8sX/64p48HZU8WJw1j1pfadrfULA==
=2ALM
-----END PGP SIGNATURE-----

Reply to:

References:
- update-inetd
  - From: Brian May <bam@snoopy.debian.net>
- Re: update-inetd
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: update-inetd
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>
- Re: update-inetd
  - From: Klaus Ethgen <Klaus@Ethgen.de>
- Re: update-inetd
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>

Prev by Date: Re: update-inetd
Next by Date: Ihre Newsletter-Registrierung bei safety4all.de
Previous by thread: Re: update-inetd
Next by thread: Re: update-inetd
Index(es):
- Date
- Thread