[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GUI Configuration tool for main Debian window managers

On Tue, 06 Jan 2015 10:56:12 +0100
Hans <hans.ullrich@loop.de> wrote:

> There was webmin/usermin for a long time in debian, until it was
> kicked off. The repo masters claimed, bacaus of "bad coding". They
> named ist "Spaghetti code" or similar.

Webmin suffered the same problems as many other tools aiming to do this
over-arching configuration - it opened security holes which didn't
exist otherwise. The code was also a mess - which then makes fixing it
a job for either experts or masochists. Not what most volunteers would
consider as fun. Security issues arising from bad coding are a prime
reason for removing packages.

> Since then a long time passed, almost 6 or 7 years, but no one looked
> at it again since then, although webmin is still under active
> development.

It would need to be completely refactored, IMHO. Even then, there
seems to be zero prospect of such a tool remaining sane when the
packages it attempts to control are developing independently. The
design and goal of the project inevitably lead to bad code and as the
aim of the project is to do things which involve the security of the
system, the cycle just repeats.
> This is just my personal opinion: For me this looks odd, when bad
> coding is the reason for being kicked off in debian, then many other
> packages are in the same danger, to be kicked off.

(I have something of a reputation of pushing for rubbish packages to
drop out of the archive and there are still a number of packages which
do deserve to be dropped. I'll get to those at a future BSP...)

The challenge for any generalised configuration tool is how to maintain
fingers-in-every-pie when there is no common ground in how the "client"
packages handle their configuration. It gets worse when the "general"
solution is imposed from above without any thought to how the other
packages will develop. This isn't about defining a new interface for
how packages get their normal work done, this is about a third-party
codebase trying to interact with packages in ways that the packages do
not necessarily support - going behind the back of packages and
replacing values in files.

A general configuration tool is a pipe dream and not worth
investigating. I for one would not be happy to see webmin back.

We have enough problems with salt, puppet, chef and the other
command-line scripting configuration tools. Those often need custom
modules to work with particular packages but at least those modules do
not have to become part of the main archive - it makes the security
issues local to the admins.


Neil Williams

Attachment: pgpjgwV4XgwXu.pgp
Description: OpenPGP digital signature

Reply to: