RE: install/46646: sysinst should configure fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc

To: install-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,dross%pobox.com@localhost
Subject: RE: install/46646: sysinst should configure fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc
From: David Ross <dross%pobox.com@localhost>
Date: Thu, 5 Jul 2012 02:25:02 +0000 (UTC)

The following reply was made to PR install/46646; it has been noted by GNATS.

From: David Ross <dross%pobox.com@localhost>
To: <gnats-bugs%netbsd.org@localhost>, <install-manager%netbsd.org@localhost>,
        <gnats-admin%netbsd.org@localhost>, <netbsd-bugs%netbsd.org@localhost>
Cc: 
Subject: RE: install/46646: sysinst should configure
 fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc
Date: Wed, 4 Jul 2012 19:23:27 -0700

 A response I posted a little earlier today was mangled because I didn't sen=
 d as a plain-text.  My high level points:
 
 =20
 
  - I agree that a sysinst menu option to enable vulnerability checking is a=
  good compromise.  This could be right under the new option that installs p=
 kgsrc.
 
 =20
 
  - The benefit of the feature (to me) is that it tells you a package is vul=
 nerable right when you try to build it.
 
 =20
 
  - If this feature is implemented=2C it should set everything up so that th=
 e vulnerability database is ready the first time you try to build a package=
 .  (Not just after 24 hours via a cron job.)
 
 =20
 
 David Ross
 dross%pobox.com@localhost
 
 =20
 
 =20
 
 ----------------------------------------
 > From: gnrp%komkon2.de@localhost
 > To: install-manager%netbsd.org@localhost=3B 
 > gnats-admin%netbsd.org@localhost=3B netbsd-bugs@n=
 etbsd.org=3B dross%pobox.com@localhost
 > Subject: Re: install/46646: sysinst should configure fetch-pkg-vulnerabil=
 ities automatically if you choose to install pkgsrc
 > CC:
 > Date: Wed=2C 4 Jul 2012 20:35:06 +0000
 >
 > The following reply was made to PR install/46646=3B it has been noted by =
 GNATS.
 >
 > From: Julian Djamil Fagir <gnrp%komkon2.de@localhost>
 > To: matthew green <mrg%eterna.com.au@localhost>=2C 
 > gnats-bugs%NetBSD.org@localhost
 > Cc:
 > Subject: Re: install/46646: sysinst should configure
 > fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc
 > Date: Wed=2C 4 Jul 2012 22:30:16 +0200
 >
 > --Sig_/ryrrMvlJE/04O3v0RnM0w5i
 > Content-Type: text/plain=3B charset=3DUS-ASCII
 > Content-Transfer-Encoding: quoted-printable
 >
 > Hi=2C
 >
 > > > For fetch-pkg-vulnerabilities to be useful in most scenarios the MTA
 > > > must be set up=2C thus network being set up=2C etc=2C a long ist of
 > > > dependencies. I would consider this fine-tuning rather than setup. An=
 d I
 > > > think sysinst should stay minimal=2C with only a selected set of acti=
 ons =3D
 > to
 > > > be performed which are really needed for initial setup.
 > >=3D20
 > > this is false.
 > >=3D20
 > > it's useful for having pkgsrc tell you that the package you're
 > > installing is vulnerable=2C which is extremely useful and good.
 > >=3D20
 > > additionally=2C having it setup means the admin can manually run
 > > the check. again=2C quite useful and good.
 > ok=2C I mixed this up after reading the comment about daily.conf.
 >
 > > Regarding fetch_pkg_vulnerabilities=3D3DYES in daily.conf
 > > I'm wondering if this will run immediately on the first boot. Otherwise
 > > the user will likely just start building from pkgsrc right away without=
  t=3D
 > he
 > > benefit of the vulnerability check. Looks like there was a previous
 > > discussion of this:
 > > http://mail-index.netbsd.org/tech-userlevel/2010/01/oindex.html
 > > See "fetch_pkg_=3D3Dvulnerabilities enabled by default (was: CVS commit=
 :
 > > src/etc)"
 > Yep=2C this should be different.
 >
 > I'm still not sure about this. Having something in sysinst (and especiall=
 y
 > doing it by default) makes it the new default for everyone using sysinst =
 for
 > installing pkgsrc.
 >
 > I agree with you it's useful=2C but where does usefulness stop?
 > You might argue that mdnsd is not needed for setting up a new system (tbh=
 =2C
 > I've never even looked at it)=2C but it's exactly that kind of discussion=
 .
 > Especially having something periodic set up automatically is more critica=
 l.
 >
 > I'm not opposed to adding this feature to sysinst=2C but I would like to =
 have=3D
 > a
 > discussion about what sysinst should be able to do and what kind of syste=
 m =3D
 > it
 > finally sets up before adding more only useful features.
 > If you tell me this is the official line and it should be done - ok=2C it=
 's n=3D
 > ot
 > much work to implement that.
 >
 > Regards=2C Julian
 >
 > --Sig_/ryrrMvlJE/04O3v0RnM0w5i
 > Content-Type: application/pgp-signature=3B name=3Dsignature.asc
 > Content-Disposition: attachment=3B filename=3Dsignature.asc
 >
 > -----BEGIN PGP SIGNATURE-----
 > Version: GnuPG v2.0.18 (NetBSD)
 >
 > iEYEARECAAYFAk/0p9wACgkQc7h7cu1Hpp4L7QCeK3X8TYh7ltQDZWVWM7UWpLOE
 > lmIAn0v7S8lIAAsK3cmW2vKXmM55ck8h
 > =3DNNUI
 > -----END PGP SIGNATURE-----
 >
 > --Sig_/ryrrMvlJE/04O3v0RnM0w5i--
 >                                        =

Prev by Date: lib/46659: feenableexcept and fedisableexcept return too many bits on x86
Next by Date: Re: bin/46612 (ntpdc error message problem)
Previous by Thread: RE: install/46646: sysinst should configure fetch-pkg-vulnerabilities automatically if you choose to install pkgsrc
Next by Thread: port-atari/46647: Menu borders in sysinst appear as characters with diacritical marks instead of graphics characters
Indexes:

Home | Main Index | Thread Index | Old Index