On 2007-12-16 10:46:26 +0000, Robin Bowes wrote: > Charlie Brady wrote: > > > > On Sat, 15 Dec 2007, Robin Bowes wrote: > > > >> Anyway, the purpose of this thread is to suggest and discuss some > >> changes/improvements to the RPM. > > ...
I'm listening.
> >> 1. Drop an apache config file into /etc/httpd/conf.d, e.g. qpsmtpd.conf:
> > ...
This would be part of the qpsmtpd-apache package. Makes sense there,
although I'm a bit leery of automatically installing a configuration
which is immediately active (I like the approach of the debian apache
package with "sites-available" and "sites-enabled" better).
> >> 2. Don't automatically set qpsmtpd-forkserver to start at boot.
> > ...
Does it do this? That wasn't intentional. The init-script should be set
up but disabled, the admin should need to invoke
chkonfig qpsmtpd-forkserver on
to enable it.
Anyway, maybe it makes sense to split the qpsmtpd package into a
qpsmtpd-common and and a qpsmtpd-forkserver package.
> >> 3. Fix up SELinux so apache can bind to port 25.
> > ...
Ok. Again, this only affects the qpsmtpd-apache package.
> >
> > I'd argue that these aren't "improvements" per se, but are changes from
> > one preferred configuration to another. You'll violate the principal of
> > "least surprise" if you released this as an update to the existing rpm.
There are two RPMs right now - qpsmtpd and qpsmtpd-apache. The
apache-specific parts should clearly go into qpsmtpd-apache and wouldn't
affect anybody who has only qpsmtpd installed. The second suggestion is
more sensitive - clearly upgrading the package should not disable a
an enabled forkserver. But for a new installation, it shouldn't be
enabled by default, either, because you will need to review (and almost
certainly change) the config before you can start it.
> > If you are going to do this, I'd suggest the changes should be in
> > additional subpackages - produce qpsmtpd, qpsmtpd-config-apache and
> > qpsmtpd-config-forkserver packages during the build, and allow the admin
> > to decide which installation policy will be installed.
>
> I hear what you're saying but, if you look at other similar packages,
> they do stuff like this. These changes make qpsmtpd behave like other
> packages. They should (IMHO) be added to the qpsmtpd-apache RPM so that
> when it is installed it results in a working configuration.
The qpsmtpd-apache sub-package is probably in a rather sad state as I've
never used it myself. So I'm happy to include any suggestions.
> Also, I think there's a difference between local changes to allow
> qpsmtpd to run (e.g. the SELinux change) and global changes (e.g.
> opening port 25 on the firewall. The former should be done as part of
> the RPM install, the latter should not.
Not sure whether I buy the local vs. global distinction. I do agree that
the SELinux change makes sense as part of the install - if you install
qpsmtpd-apache you will almost certainly want apache to be able to
listen on port 25. But it should not cause apache to listen on any port
by default - it should be up to the administrator to decide on the
interface(s) and port(s) he wants qpsmtpd to listen.
hp
--
_ | Peter J. Holzer | It took a genius to create [TeX],
|_|_) | Sysadmin WSR | and it takes a genius to maintain it.
| | | [EMAIL PROTECTED] | That's not engineering, that's art.
__/ | http://www.hjp.at/ | -- David Kastrup in comp.text.tex
signature.asc
Description: Digital signature
