On Mon, Jul 26, 2004, Simon Mudd wrote: >Hello all, > >Are there any packaging guidelines for building RPM packages? Not how >to build the rpm, but how to make a freshly installed package >"behave". > >The reason that I ask is that I've been looking at the OpenPKG Postfix >RPM and notice that, as installed, it will NEVER work correctly, >something contrary to how the author expects his software to be >installed[1]. > >Specifically: > >- the provided main.cf configuration file only allows connections from > and to address 127.0.0.1 effectively disabling all non-local network > activity.[2]
This is intentional, for the same reason that SuSE and others have their default configurations listening only on localhost, to prevent the clueless from accidentally opening services that may be abused or exploited from the outside world. >- the provided main.cf configuration file specifically sets various > dummy configuration values which are WRONG (in the sense that if not > changed they will generate errors). mydomain and myhostname are > examples. Again this is intentional. One could change the example.com to the base domain name, and the myhostname to the output of the ``hostname'' command, but this can cause problems using ``hostname'' as that varies amongst *nix systems (e.g. SuSE >= 8.0 returns the short hostname, not the FQDN). One could do something automatic using a perl script with ``use Net::Domain;'' to handle things like this or use the coreutils ``ghostname'' to do the same thing. ... >For experienced users seeing what to change is not a problem, but it >seems that this is not helpful for users new to the software. Letting totally inexperienced users do things they don't understand with programs that can be abused and exploited from the Internet may not be a very Good Idea(tm). Granted that the postfix default configuration is pretty tight, the overall philosophy is to require people to think a little before opening services to the world. Microsoft's philosophy of making things easy to use for the clueless has worked very well don't you think? It's responsible for the vast majority of spam and network abuse that plagues the Internet today. >Not providing the package's own documentation (although man pages are >included) is unhelpful. I tend to agree with that for many packages, but I don't think that's the case isth postfix as it has full man pages, and the examples are well commented. ... >I'd like to help address the specific Postfix issues I've seen (which >should be trivial), but want to make sure that I'm not overlooking >something. Postfix is one of the OpenPKG packages that I modify before using, mostly because I've added a ``/bin/rpm'' package, openpkg-postfix'', to the postfix package that installs when ``/bin/rpm'' is found that ``Obsoletes: postfix'' and ``Provides: smtp_daemon''. This works around a problems on SuSE systems which will automatically reinstall their postfix if it's removed because other SuSE RPMS require the ``smtp_daemon''. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ The cry has been that when war is declared, all opposition should therefore be hushed. A sentiment more unworthy of a free country could hardly be propagated. If the doctrine be admitted, rulers have only to declare war and they are screened at once from scrutiny ... In war, then, as in peace, assert the freedom of speech and of the press. Cling to this as the bulwark of all our rights and privileges. -- William Ellery Channing ______________________________________________________________________ The OpenPKG Project www.openpkg.org User Communication List [EMAIL PROTECTED]
