Hello Björn, On Wed, 20 Jan 2021, Björn Ricks wrote: > First of all let me introduce myself. I am long time free software > developer. For example at the German free software consulting company > Intevation at some KDE/Kolab project. Since five years I am working at > Greenbone and have become the lead of the GVM development some time ago. I'm a long time Debian developer and I work together with Sophie on Kali packages and we maintain some packages in the Debian pkg-security team. > With this email I would like to ask how the current situation can be > improved and how we can reduce the frustration on both sides (upstream > and downstream). For example currently a lot o people are popping up at > our forum (https://community.greenbone.net/) having issues with the > setup on Kali. For us it is very difficult to help in this case and it > would be nice if some Kali developers could join the forum and assist > users with their setup. That seems really unlikely to happen. GVM is one packages among 500 (albeit an important one). We already struggle to respond to those who post on bugs.kali.org... it seems unlikely that we will engage on community.greenbone.net. That said we would definitely love if things could work out of the box and if the result could be reliable so that you would get fewer users requesting help. The problem is that we are not GVM experts, we are packaging experts. 1/ We try our best to follow your documentation but the upstream documentation on how to setup GVM is not suited for a system-wide installation and we have to adapt quite a few things and provide quite some documentation to document the differences. More than once we relied on an HOWTO created by advanced users that were more knowledgeable than us in GVM to understand how we should setup everything. It would be better if you recommended and supported a clean system-wide installation as the default way of running gvm. As an example of things that you provide but that are not working/tested in the system-wide case, there's the systemd service unit: https://github.com/greenbone/gvmd/blob/master/config/gvmd.service.in You use EnvironmentFile to import variables from https://github.com/greenbone/gvmd/blob/master/config/gvmd.default.in but those variables are used in User and Group entries when in fact they are only usable within ExecStart and related. 2/ It would also help if you were less aggressive in dropping upgrade code. We had to patch GVM to bring back old upgrade code twice already. 3/ A last thing that would help is to have a functional test suite that lets us check that we have a working setup. We have a tool called "autopkgtest" that we run to ensure that our packages as working as expected and it would help us ensure that we did not break anything if we could run an upstream test suite as part of this system. Regards, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog <hertzog@debian.org> ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄⠀⠀⠀⠀ Debian Long Term Support: https://deb.li/LTS
Attachment:
signature.asc
Description: PGP signature