Subject: Re: monotone-server package or what?
To: None <tech-pkg@NetBSD.org>
From: Julio M. Merino Vidal <firstname.lastname@example.org>
Date: 01/12/2005 13:56:05
Never mind. Putting everything inside the monotone package was not
very clean (couldn't use user/group as ownership of configuration files,
I've added this as a standalone package, in case anybody cares ;)
On Wed, 2005-01-12 at 10:15 +0100, Julio M. Merino Vidal wrote:
> Hi all,
> Setting up a dedicated Monotone server (see devel/monotone) is not
> a complicated task, but requires a lot of steps and careful
> thinking. In order to make it "secure", one will want to run it as
> an unprivileged user, with the right permissions on each file and
> with an easy-to-use rc.d script. (This last part is the most
> So, yesterday evening, I started working on a package called
> monotone-server that simplifies all this process. All it does is
> the following: create a user/group pair, install the rc.d script
> and install a little shell script, monotone-server-init, that takes
> care to initialize the local database properly by asking the user
> some information.
> Now, I see some problems with this approach: first of all, because
> the package does not match any real program, the "monotone-server"
> name has a good chance to cause confusion to anyone looking at the
> Second because it seems to be stupidly limited. On the one hand,
> monotone-server-init is creating the user's home directory as a path
> that was decided at build time (through a MONOTONE_HOME variable),
> as we usually do for this kind of stuff (BUILD_DEFS). Given that it
> already has to create the user's home, it could be trivial to change
> it to also use groupadd/useradd and ask the user for the necessary
> data at _run time_, so that it'd not be limited to a hardcoded path
> (plus maybe not a hardcoded user/group pair).
> I think it might be a good idea to modify this package to not use
> PKG_USERS nor PKG_GROUPS (creating the necessary stuff from the
> -init script). Plus, if I do this, the need for an extra package
> does not exist (I created it to avoid the "client" monotone package
> create a user/group pair when it's usually not needed), so I'd
> simply put everything inside devel/monotone. However, I don't think
> there is prior art in pkgsrc to similar behavior so this'd look like
> a quite "non-standard" procedure to get things working.
> What do you think?
Julio M. Merino Vidal <email@example.com>
The NetBSD Project - http://www.NetBSD.org/