An MTA should be installed by ubuntu (was [ubuntu-users] Re: Ubuntu is under attack)

Tim Frost timfrost at xtra.co.nz
Tue Dec 20 06:54:11 UTC 2005 

** Cross-=posted to ubuntu-devel as well as ubuntu-users.

On Mon, 2005-12-19 at 20:42 -0800, Mike Bird wrote:
> On Mon, 2005-12-19 at 19:20, Matthew Garrett wrote:
> > On Mon, Dec 19, 2005 at 10:01:15AM -0800, Mike Bird wrote:
> > An out of the box Ubuntu install will not generate any email.
> 
> An out of the box Breezy install will try to generate emails,
> but will fail.  There's no obvious indication that the emails
> are lost.  In Hoary they would have been delivered.
> 

As a specific example, cron uses /usr/bin/sendmail to send email, when a
cron job writes to stderr or stdout (if the script does not redirect
stdout/stderr to files).

As the run-parts script does not redirect stdout/stderr, I found a
message in my mailbox today, after adding mailx/postfix, because one of
the steps in cron.daily detected an error.

Now, I admit that most new users would not understand what is meant by
the error 
        /etc/cron.daily/man-db:
        mandb: warning: /usr/share/man/man1/rmic.1.gz is a dangling
        symlink
        
but the fact that the message was written to my mailbox after I
installed postfix *proves* that a standard breezy install *does*
generate (or at least *try to* generate) email messages.

Is Matthew saying:
1:  That cron should depend on mail-transport-agent (since it explicitly
tries to invoke /usr/sbin/sendmail)

OR 

2: That cron should NOT be installed in ubuntu/kubuntu


Given that a large number of packages depend on the presence of cron, I
caan't see option 2 being acceptable.  Given that, and the fact that
cron expects to find an executable called /usr/sbin/sendmail, it follows
that an MTA (a package providing mail-transport-agent), and a MUA (so
that the admin user can read local mail), MUST remain in the default
install for ubuntu/kubuntu.

Can we feed back to debian that cron should include mail-transport-agent
in the Depends section (the breezy version states "Recommends: postfix |
mail-transport-agent")



> > Nothing is discarded.
> 
> If you had checked before breaking things, you would know that
> this is false.  See above.

cron output is discarded.  See above.
> 
> > If you install anything that generates email, then it is your 
> > responsibility to ensure that you have something that will process that 
> > mail.
> 
> Where is this new imposition documented?  Why make a change which
> so directly conflicts with the goal that Ubuntu "Just Work" out
> of the box?
> 
> > If it's considered a vital part of the package functionality, then 
> > that will be described in the package dependencies.
This seems to suggest that cron is broken because it doesn't DEPEND on 
 postfix | mail-transport-agent

> So now newbies have to read the "dependencies" (by which you actually
> mean "suggestions" and "recommendations") of several hundred
> packages in order to determine how to finish their installations?
> And the breakage can change arbitrarily and undocumented on each
> release?  Unix was easier than this a quarter century ago.
> 
> > Postfix remains a 
> > supported part of the Ubuntu distribution - the only difference between 
> > the situation in Warty and the situation now is that it isn't installed 
> > by default.
> 
> Which means that important system messages are discarded.  A newbie
> should not need to know that they need to install and configure
> an MTA in order to know that something needs attention.
> 
> Similarly, a sysadmin switching from any respectable Unix or Linux
> to Ubuntu would unconciously assume the presence of a working mail
> system.
> 
> Similarly, anyone who installed a bunch of great Hoary systems
> would be somewhat annoyed when he or she lost data to a problem
> on a Breezy system because of this dumbdowngrade.
> 
> People will lose their creations, their work.  You will lose karma.
> Just stop breaking things you don't understand.  OK?
> 
> Oh, and before I forget, what else did you break in Breezy that
> we haven't even noticed yet?
> 
> > However, it's *on the CD*.
> 
> Irrelevant.  The installer does not say "After finishing this
> install we suggest you add Postfix if you don't want to get
> fired for incompetence."
> 
> > The decision ...
> 
> What decision?  Where is it documented?  Who made it?
> 
> > ... not to install an internet daemon by default was taken in 
> > order to provide increased security,
> 
> A daemon listening on 127.0.0.1 does not decrease security.  What
> makes you think it does?

If ubuntu maintainers/developers are that concerned, they should
configure postfix to default to a local-only mode.
> 
> > and also to allow people who actually /need/ an MTA to configure it appropriately rather than ending 
> > up with a (mostly useless) default configuration.
> 
> Your phrasing again indicates that you don't know what you're
> writing about.  Postfix offers a choice of several basic
> configurations during debconf and they are suitable for
> almost all newbies, almost all desktops, and many servers.
> 
> Sure, sysadmins who want to make a secondary MX that's not an
> open relay know that they've got a bit of work to do.  That's
> no reason to cause hundreds of man years of effort to be lost
> when the various default configurations are secure and cover
> almost all cases.
> 
> > If you disagree with 
> > any of the technical decisions, then please bring it up on ubuntu-devel. 
> > However, if your only argument is that postfix should be installed by 
> > default, then I'm afraid that it's not a situation that's likely to 
> > change. If you feel that it's vital for a distribution to come with an 
> > MTA as part of the default desktop install, then I'm sorry. Ubuntu isn't 
> > for you. It never was.
> 
> You are again mistaken.  Ubuntu had MTA in default installations
> until someone broke Breezy.  It is very easy to put Postfix and
> Mailx back into the seeds for Dapper.  It's on the CD, it won't
> take any more CD space, and (apart from maybe a little work on
> the help text) Postfix installs well via debconf and provides
> the configurations that newbies and most others need.
> 
> You have made not a single valid argument for dumbdowngrading
> Breezy.  I am ashamed to see such white noise from a UCAM address.


I agree.   


To recap:
An MTA (with a default local-only mode) is required by any distribution
that includes a cron daemon, because cron uses the /usr/bin/sendmail
program (not /bin/mail and friends) to email any text that it captures
from stdout/stderr when running a cron job.
> 
> --Mike Bird
> 
>

More information about the ubuntu-users mailing list