NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: install/46646: sysinst should configure fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc

The following reply was made to PR install/46646; it has been noted by GNATS.

From: Julian Djamil Fagir <>
To: matthew green <>,
Subject: Re: install/46646: sysinst should configure
 fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc
Date: Wed, 4 Jul 2012 22:30:16 +0200

 Content-Type: text/plain; charset=US-ASCII
 Content-Transfer-Encoding: quoted-printable
 > >  For fetch-pkg-vulnerabilities to be useful in most scenarios the MTA
 > > must be set up, thus network being set up, etc, a long ist of
 > > dependencies. I would consider this fine-tuning rather than setup. And I
 > > think sysinst should stay minimal, with only a selected set of actions =
 > > be performed which are really needed for initial setup.
 > this is false.
 > it's useful for having pkgsrc tell you that the package you're
 > installing is vulnerable, which is extremely useful and good.
 > additionally, having it setup means the admin can manually run
 > the check.  again, quite useful and good.
 ok, I mixed this up after reading the comment about daily.conf.
 >  Regarding fetch_pkg_vulnerabilities=3DYES in daily.conf
 > I'm wondering if this will run immediately on the first boot.  Otherwise
 > the user will likely just start building from pkgsrc right away without t=
 > benefit of the vulnerability check.   Looks like there was a previous
 > discussion of this:
 > See "fetch_pkg_=3Dvulnerabilities enabled by default (was: CVS commit:
 > src/etc)"
 Yep, this should be different.
 I'm still not sure about this. Having something in sysinst (and especially
 doing it by default) makes it the new default for everyone using sysinst for
 installing pkgsrc.
 I agree with you it's useful, but where does usefulness stop?
 You might argue that mdnsd is not needed for setting up a new system (tbh,
 I've never even looked at it), but it's exactly that kind of discussion.
 Especially having something periodic set up automatically is more critical.
 I'm not opposed to adding this feature to sysinst, but I would like to have=
 discussion about what sysinst should be able to do and what kind of system =
 finally sets up before adding more only useful features.
 If you tell me this is the official line and it should be done - ok, it's n=
 much work to implement that.
 Regards, Julian
 Content-Type: application/pgp-signature; name=signature.asc
 Content-Disposition: attachment; filename=signature.asc
 Version: GnuPG v2.0.18 (NetBSD)

Home | Main Index | Thread Index | Old Index