Inconsistencies in packages
Fabio Massimo Di Nitto
fabbione at ubuntu.com
Thu Feb 9 06:40:54 UTC 2006
Ante Karamatic wrote:
> We have lots of "server-like" packages, like postfix, dovecot,
> spamassassin, amavisd-new, apache, sshd...
>
> But it seams that we don't have one general rule in what state should
> those services be after install. So, spamassassin is disabled, postfix
> listens on all IPs (public and localhost), amavisd-new listens only on
> localhost, dovecot doesn't listen at all...
>
> Shouldn't we have one general rule for all packages?
The problem is that every service has a different requirement. Some of them
are more tricky than others in this regard. All daemons that are in main
have been "patches" so that the default config or startup option is the
safest as possible at install time to avoid to leave open holes in the
system (see for ex dovecot not starting, or postfix that starts but it's not
an open relay). dovecot in the specific case mandates some config changes
before starting to ensure that it doesn't become a hole in the system.
> I know that
> postfix, after install, isn't open relay, but wouldn't it be good if it
> would listen only on localhost? And, it seams that some services are
> started after install, and some are not. Shouldn't we have some rules in
> there too?
>
If you have a good suggestion and patches for each daemon, i am dealing to
review and apply them, but that's the best we could think of for now.
Fabio
--
I'm going to make him an offer he can't refuse.
More information about the ubuntu-server
mailing list