On Nov 10, 2006, at 11:17 AM, Jim Maul wrote:
Bart Silverstrim wrote:
On Nov 9, 2006, at 2:40 PM, Daniel J McDonald wrote:
On Thu, 2006-11-09 at 10:24 -0500, Bart Silverstrim wrote:
On Nov 7, 2006, at 6:48 PM, Jim Redman wrote:
Chris,
Christopher X. Candreva wrote:
On Tue, 7 Nov 2006, Jim Redman wrote:
My observation is that of all the modern packages ClamAV fails to
install and run successfully and securely without operator
intervention. I think that this should be refined to reference
Fedora packages and perhaps not all of them.
I don't use Fedora - I use Mandriva. And my experience has been
that
the RPMS provided by Mandriva do allow you to run out of the box
with
very little tweaking. That is important to me - I manage about
20 linux
servers, but my primary responsibility is 196 routers and firewalls.
I'm not ignorant of the build process - I learned how to build
SRPM's
working with this package - I merely don't have the time to mess
with
it. So, I understand the sentiment.
There are a number of reasons why I consider this a bad thing
(other opinions have been expressed by others on the list).
4) (Altruism) It limits the adoption of ClamAV which in turn
increase the number/penetration of viruses.
Maybe the project doesn't WANT people who have problems with their
installs caused by willful ignorance...just a thought.
I personally think that's a poor attitude. Clueless newbies are
important too. I personally will dump a project that takes too
long to
get working at all. As long as I can see progress it will keep my
interest.
Cluelessness is one thing. Willful cluelessness is another.
There is a difference.
What you're talking about is hassle...if it's too much hassle, you
move on to something else. That's fine and dandy. But there are
many many many people who are using, for example, ClamAV without
throwing a fit because there's too much in the conf file to set up.
The distinction is you can get frustrated and ask for help, or you
can get frustrated and bitch about it rather than read the
comments in the conf file. There's a lot, it can be tedious to a
degree, but you're not having to go through source code to figure
out how to get it to work. I have found that *overall*, with all
the different distros out there, it is impossible to come up with
a one-size-fits-all solution but the config files and guides for
installation and configuration on the Internet are enough that you
need not invest a lifetime to getting this one project working.
As I've said in other posts, the problem (as I see it) isn't
necessarily that he's clueless, or a newbie. It's the attitude he
approached the group with, the attitude of "I don't know anything
and want to stay ignorant. You should make it so I can stay
ignorant but get this to work." This is something that can easily
ruffle some feathers, especially when so many in the group have
started in that position but learned how to get it to work. It's
also shocking for a sysadmin to declare that they want to stay
ignorant of the equipment they're using..."I want to be a rocket
scientist, but don't want to take that nasty physics stuff...you
should make it easier!"
I understand completely what you are saying and also agree with it.
However, regardless of how clueless the rocket scientist wants to
remain (which, yes, is a poor attitude), IF there is room for
improvement or IF some part of the process CAN be made easier,
shouldnt it?
Sure. Taking into consideration other factors.
A) Pay them for the features...this is all volunteer work.
B) No one is proposing how this is to be done. What distro do you
aim for? What MTA? Integration with another spam scanner? How to
make this simpler without crippling or making more difficult getting
it to work with particular setups?
C) How can you simplify or get this to work to the point where a user
who states right out that it's too hard for him to read a conf file
is able to use it? That is NOT what one would expect from a sysadmin
doing his job.
This has nothing to do with the fact that he wants to remain
ignorant. It really seems as if everyone read that part and
COMPLETELY missed what he was really trying to say and instead
focused on blasting the guy because of his willingness to remain
ignorant.
He was saying he is too ignorant to configure his install for his
mail server setup and wanted other people to do it for him rather
than have him read the config file.
That probably irks a lot of people who use ClamAV with minimal effort
and also have to support people who have this guy's type of attitude
because he is running a server that takes some knowledge and skill
yet willfully remains ignorant on the details of how to properly do
so. For all the whining about poor attitudes from the list...well,
tough, we have bad days spent supporting the willfully ignorant! If
you're an admin, you should follow the job duties that come with it
or go for another job or a job that doesn't take skills. Maintaining
servers is a pain in the arse sometimes, but it's PART OF THE JOB.
If you're not competent in that area, outsource it or hire more staff
that does know something about it.
For example, the Hobbitmonitor project is buried deep on my todo
list -
There are about 15 "post release" patches that have to be
individually
applied in a certain order, and I have yet to get it right and
have it
compile. So I ignore it, and think "If I ever get about 4 hours of
un-interrupted time, I'm going to tackle that beast". Of course, I
don't have 4 hours, so it just gets deeper on the pile, and I
never get
my monitoring server built, and I never am able to contribute
back to
the project by helping other clueless newbies...
Then cut it loose.
This seems to be a hard concept...similar problems crop up, and my
response is something along the lines of, "Well, your company
isn't hiring enough to properly staff your department or manage
the staff properly...if it were truly important, you'd get the
time. So either suffer with the lack of XYZ, or have them hire
more people, or move to another company that does respect their IT
department's role more." "Well, that's not realistic..." "Well,
then it sounds like you are going with A, suffer the lack of XYZ.
Accept it, quit complaining."
<crickets...>
I'm not saying every project requires you to cut off fingers and
chant voodoo incantations to work. I'm just saying that ClamAV
isn't rocket science, there are some problems, and your average
sysadmin should be able to go through a conf file to configure it
and be able to get it to integrate with most MTA's using docs on
the Internet with relatively little energy lost. I am tired of
the couch sysadmin running mail servers using a black box
approach, relaying spam or implementing poor security because
they're too damn lazy to actually figure out what running a mail
server means, and when someone comes along saying that they have
problems XYZ the "real" sysadmin takes their advice and learns
what is happening while the couch sysadmin ignores it or complains
it's their mail server vendor's fault because they didn't make it
simple enough to just run the installer and ignore.
AHA!. This seems to be it. Everyone is pissed off at shitty
admins! So forget the fact that they actually might have a valid
point one day, lets just insult them and tell them they are stupid
and ignore anything that comes out of their mouths. Im sorry for
whoever feels this way. Life must be very frustrating for you. Im
done here.
He's installing ClamAV. On a server. On the Internet. No?
That means that the willfully ignorant is a hazard to everyone else
out there.
If you're running a mail server, you're expected to do a certain
amount of work to, you know, know what you're doing.
Is this just kind of lost on you? Or do you not see what happens as
the clueless pound your mail server with more spam? Granted it's
coming from home users in botnets more now, but they are still the
ignorant masses for computing...at least they weren't expected to run
a mail server, just responsibly use their computer.
You think he has a valid point, that it's too too hard to configure
ClamAV? Where is your specific complaint on it? Can you point it
out, and suggest something that can be done as a fix without breaking
other installations?
HE WISHES TO REMAIN IGNORANT TO THE POINT WHERE HE CAN'T EVEN SPECIFY
THE PROBLEM NOR SUGGEST A FIX. What is a reasonable way to make this
as braindead simple as possible without breaking other installs or
options for people running postfix or sendmail or qmail or procmail
or spamassassin (or not)?
He wants to have others make it simpler for him. Goody, he as a
point. Let's make it simpler.
How? What specifically is too hard for him to configure that so many
others have been able to work around? The simpler installer, as I
see it, would still interrogate you for settings specific to your
needs...which is still exactly what he doesn't want!!
Am I the only one that sees that there is little value in trying to
help him with his message, as it was worded? What he really should
have done was just ask for a place to find a prepackaged ClamAV that
fits his distro and his mail setup. He didn't even supply that
information, though. So what then...ask the developers to hurry up
with that telepathic API they've been working on but keeping secret
from him?
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
