Ola Lundqvist <[EMAIL PROTECTED]> (21/04/2006): > On Fri, Apr 21, 2006 at 12:14:01PM +0200, Thomas Huriaux wrote: > > But if your package does nothing else than providing help to the > > administrator, why don't you create a simple binary to display these > > instructions? I still don't understand the reason to display these > > instructions during the installation process, at it does not change > > anything for the package usability. > > Why should I create a binary when I can just write it in a documentation.
My idea with a binary was to remove the conflicts, and to let the user choose what to be removed or not by launching this binary. For example: test if servers with plaintext passwords are installed if true display harden-servers/plaintext prompt the user to remove the incriminated package if yes removal of the incriminated package But that would change the philosophy of the package. > The usefulness of this package is that the admin will know about > this _during_ the installation. > > I still do not understand why you have a problem with this. Because installation is not the place to care about this. As I've said, the purpose of a package should be documented on places such as package description, project website, ..., the use of a package should be documented in manpages, README files, etc. Keep the things where they belong. Just imagine that every package displays debconf notes such as your package does (i.e. notes that are not related with the package configuration). I really think that Debian would be unconfigurable, as every package would stop the installation procedure many times (especially true for harden/welcome, even if it is also true for the other notes). Another problem that I see with this: during the installation procedure, I usually only want to configure the newly installed packages. In this case, I'm installing the harden suite and plenty of other packages. As I've seen that the Debconf notes were not related with the configuration, I just read them but took no action immediatly, as it is better to finish the full installation before reconfiguring other packages. Now that my installation is finished, I want to make my system secure. I don't think that dpkg-reconfigure harden-servers is the intuitive way to find the instructions (this is especially true for the harden-servers/vncserver and harden-servers/inetd notes). Finally, I would accept some notes being displayed during the installation procedure, but only before being prompted by apt/aptitude if I accept to remove packages that conflict with harden* (in the case of harden-servers/plaintext and harden-clients/plaintext). This is unfortunately not possible, AFAIK. With the current conception of the package, these notes are displayed too late to be useful during the installation procedure. Conclusion: If you want to keep the current philosophy of the package without bothering users with pointless notes, you should take the following actions: * remove harden/welcome (or move it to a README.Debian file) * remove harden-*/plaintext and emphasize (if needed) the package description about the conflicts * provide documentations such as README, manpage, ... for harden-servers/inetd and harden-servers/vncserver (and of course remove those notes) Cheers, -- Thomas Huriaux
signature.asc
Description: Digital signature