On Wed, Aug 25, 2010 at 09:11:33AM +0200, Emmanuel Bouthenot wrote:
When not respecting recommends, you cannot expect package to work "out of the box" but will need some hand-tuning to get working.I never install Recommends on my Debian machines (servers, desktop, laptop). It's the first time I encounter such problems.
Well, you not experiencing problems avoiding Recommends do not really change the Debian definition of the Recommends: stanza:
`Recommends'
This declares a strong, but not absolute, dependency.
The `Recommends' field should list packages that would be found
together with this one in all but unusual installations.
Do you dare say that it is not possible - with hand-tuning - to get some parts of sympa working when ca-certificates is not around?If I install SYMPA I expect that *all* parts works (not only 3 daemons among 4).
I do understand what you expect. My question is if it is *possible* to hand-tune.
I strongly suspect that even without changing a single line in sympa configuration files, but only using some openssl command to generate a certificate and a crl file for it, sympa can run fine.Do you not agree with that?No,
You do not agree that the needed file is possible to create by other means and with other content than installing that package?
AFAIK this CA file (which expects to be a bundle of root CA certificates) is also used by SYMPA to redistribute S/MIME encrypted messages sent by subscribers[1].
Yes, I believe so too.
I still don't understand why I should install a Recommend which is needed to get a basic setup working.
Because in some special cases it is not needed and gets in the way.ca-certificates contains certificates for a bunch of trusted third parties. Sympa *can* trust these third parties, but is not forced to do so.
The funny thing is that SYMPA depends on perl-suid and libfcgi-perl which should probably be ‘Recommends’.
I don't find that funny. I find it a relevant discovery: If not *always* needed, those relations should be lowered to recommends too.
As a SYMPA maintainer, it's a bit sad that I can't fix something I consider to be a bug.
Sure you can: Just as well as I can close the bug, you can open it again.
I do feel, however, that your arguments are tied to how you are used to handle package relationships in the past, whereas I believe my arguments are tied to how Debian Policy defines the package relation stanzas.
Jonas, I don't want to fight with you about this. It seems that I can't convince you. I prefer to focus on the other bugs to fix.
I won't stop you.And as I wrote earlier on to this bugreport, I do believe that if ca-certificates missing causes sympa to consume all resources on the system, then there is a bug in sympa code which should be filed separately - and passed upstream.
Kind regards, - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: Digital signature
