Francesco P. Lovergine wrote: > On Sun, Jun 22, 2008 at 07:43:38PM +0200, Franck Joncourt wrote: [...] >> So, right now, I would choose to work this way : >> >> - not ask for any questions and not start fwknopd during the install >> process ; a variable would be set to no in /etc/default/fwknop-server. >> - let the user have a quick setup (the three simple questions), and >> start the fwknopd daemon, by use of dpkg-reconfigure. Add a note about >> the recommended settings. >> >> But what about starting the simple setup through the three questions, by >> default, and mentionning that the user might want to configure gpg and >> restart. >> >> What would you suggest ? Any idea is welcome. > > Due to the nature of the fwknop protocol and goals I would avoid > to activate the daemon at all. The best thing to do is leaving it inactive > and let user to configure as appropriate in his/her context. > You can easily use a script that pre-check for a configured > daemon and starts it up or terminates gently. You can eventually > also add a debconf-based easy-setup with an initial question (which defaults > to NO) about easy autoconfiguration. Consider that fwknop is also > a non-system wide service which could be used in different terms, so > auto-starting it in other way would be not appropriate. See for instance > fetchmail: it works in system-wide fashion or not. To me, that sounds a good way to do : - Do not start fwknopd unless an already setup is found, - Let the user have an easy setup via debconf, - Let the user go through the documentation to set the recommended settings. I thank you for your reply. -- Franck Joncourt http://debian.org - http://smhteam.info/wiki/ Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
Attachment:
signature.asc
Description: OpenPGP digital signature