Bug#363931: harden: Please do not abuse debconf

2006-04-22 Thread Ola Lundqvist
Hi again

On Fri, Apr 21, 2006 at 10:52:40PM +0200, Thomas Huriaux wrote:
 Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
  On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
   Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
The usefulness of this package is that the admin will know about
this _during_ the installation.

I still do not understand why you have a problem with this.
   
   Because installation is not the place to care about this. As I've said,
   the purpose of a package should be documented on places such as package
   description, project website, ..., the use of a package should be
   documented in manpages, README files, etc. Keep the things where they
   belong.
  
  But this package is intended for people that are not that used to Debian
  and security hardening. They probably do not even know about the
  README.Debian files anyway.
 
 Do you really think that people not used to Debian and security
 hardening will understand that the notes they read during the
 installation process are instructions to apply after the installation?

Yes, I think so. I have read through them again and I cannot see why it is
a problem.

Quote from the templates:

--

Template: harden-servers/plaintext
Type: note
_Description: Plaintext passwords
 Services that use plaintext passwords are almost by definition insecure.
 The reason is that you cannot know if someone is sniffing your passwords.
 .
 In a local environment with no connection to the outside world this is of
 course not a big problem. On the other hand then you will not need to
 secure your system at all and should not need this package.
 .
 This package conflicts with a lot of server service components that depend
 on plaintext passwords. Some tools that use plaintext passwords are not
 conflicted because they can be configured not to use plaintext passwords.
 So installing this package will only help you with some of the most
 critical servers.
 .
 The advice is to look at each available service and investigate if it uses
 plaintext passwords. If it does, try to configure it so it starts using
 encryption or some password exchange algorithm that does not require
 plaintext passwords.


Template: harden-servers/inetd
Type: note
_Description: Default services and inetd
 By default some unnecessary services are enabled on your system. The
 program that provides them is inetd. There are alternatives to inetd
 which are more flexible. The problem is not that inetd in itself is
 insecure so you will probably not need to remove it. The problem is that
 you have to configure it to provide only the services that are really
 needed.
 .
 If you have the normal inetd program installed you should configure it by
 editing /etc/inetd.conf.
 .
 The general rule is to comment all lines that you do not need. If you do
 not know what it is, you probably do not need it. If you discover some
 problem you can always uncomment it later.
 .
 When you have edited that file, you have to restart the inet daemon with the
 following command: /etc/init.d/inetd restart

-

The client note looks similar to the server note, so I do not list it here.

I can see that my English is not perfect, but that is not what we are
arguing about here. I can add a note saying that this is supposed to be done
after configuring, if that makes it better.

   Just imagine that every package displays debconf notes such as your
   package does (i.e. notes that are not related with the package
   configuration). I really think that Debian would be unconfigurable, as
   every package would stop the installation procedure many times
   (especially true for harden/welcome, even if it is also true for the
   other notes).
  
  I agree in general but I still think that these notes are valid to print.
  
   Another problem that I see with this: during the installation procedure,
   I usually only want to configure the newly installed packages. In this
   case, I'm installing the harden suite and plenty of other packages. As
   I've seen that the Debconf notes were not related with the configuration,
   I just read them but took no action immediately, as it is better to finish
   the full installation before reconfiguring other packages. Now that my
   installation is finished, I want to make my system secure.
   I don't think that dpkg-reconfigure harden-servers is the intuitive
   way to find the instructions (this is especially true for the
   harden-servers/vncserver and harden-servers/inetd notes).
  
  We can of course add the notes to the README.Debian file as well as the
  debconf output.
  
   Finally, I would accept some notes being displayed during the installation
   procedure, but only before being prompted by apt/aptitude if I accept to
   remove packages that conflict with harden* (in the case of
   harden-servers/plaintext and harden-clients/plaintext). This is
   unfortunately not possible, AFAIK. With the current conception of the
   package, these notes 
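
The inetd procedure described in the harden-servers/inetd template above (comment out every /etc/inetd.conf line you do not need, then restart inetd), as an added example that is not code from the harden packages or from this bug report. It assumes a constructed inetd.conf sample in the layout Debian shipped at the time, takes the allow-list of services to keep on the command line, and writes the result to a separate file for review; the `/etc/init.d/inetd restart` step from the note is printed as a reminder rather than executed.

```sh
#!/bin/sh
# Added example (not code from the harden packages or this bug report):
# scripts what the harden-servers/inetd note asks the admin to do by hand,
# i.e. comment out every service in inetd.conf that is not on an explicit
# allow-list, writing to a separate file so the result can be reviewed
# before it replaces /etc/inetd.conf and inetd is restarted.

# harden_inetd_conf IN OUT [SERVICE...]
# Copy IN to OUT, commenting out every active service line whose first
# field (the service name) is not among the SERVICE arguments. Blank and
# already-commented lines pass through unchanged, so the file keeps its
# layout and a disabled service can be uncommented again later.
harden_inetd_conf() {
    in=$1; out=$2; shift 2
    keep=" $* "
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*)
                printf '%s\n' "$line" ;;
            *)
                set -f; set -- $line; set +f   # split fields without globbing
                if [ $# -eq 0 ]; then          # whitespace-only line
                    printf '%s\n' "$line"
                else
                    case "$keep" in
                        *" $1 "*) printf '%s\n' "$line" ;;
                        *)        printf '#%s\n' "$line" ;;
                    esac
                fi ;;
        esac
    done < "$in" > "$out"
}

# enabled_inetd_services FILE: service name of every active (uncommented,
# non-blank) line, in file order.
enabled_inetd_services() {
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' | awk '{ print $1 }'
}

# write_sample_inetd_conf FILE: a constructed inetd.conf in the layout Debian
# shipped at the time, used so the script can be tried without touching /etc.
write_sample_inetd_conf() {
    cat > "$1" <<'EOF'
# /etc/inetd.conf:  see inetd(8) for further informations.
#:INTERNAL: Internal services
#echo       stream  tcp     nowait  root    internal
daytime     stream  tcp     nowait  root    internal
#:STANDARD: These are standard services.
telnet      stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.telnetd
ftp         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.ftpd
#:BSD: Shell, login, exec and talk are BSD protocols.
shell       stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.rshd
#:INFO: Info services
ident       stream  tcp     wait    identd  /usr/sbin/identd    identd
EOF
}

# Demonstration on the sample: keep only ident, disable everything else.
tmp=$(mktemp -d)
write_sample_inetd_conf "$tmp/inetd.conf"
harden_inetd_conf "$tmp/inetd.conf" "$tmp/inetd.conf.hardened" ident
echo "Enabled before: $(enabled_inetd_services "$tmp/inetd.conf" | tr '\n' ' ')"
echo "Enabled after:  $(enabled_inetd_services "$tmp/inetd.conf.hardened" | tr '\n' ' ')"
echo "Review $tmp/inetd.conf.hardened, install it as /etc/inetd.conf,"
echo "then run: /etc/init.d/inetd restart"
rm -rf "$tmp"
```

The script follows the note's rule literally: anything not explicitly named is commented out rather than deleted, so a service that turns out to be needed can be uncommented again. Check the "Enabled after" list against what the host is actually supposed to serve before copying the file into place.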

Bug#363931: harden: Please do not abuse debconf

2006-04-22 Thread Thomas Huriaux
Hi again,

Ola Lundqvist [EMAIL PROTECTED] (22/04/2006):
 On Fri, Apr 21, 2006 at 10:52:40PM +0200, Thomas Huriaux wrote:
  Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
   On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
 Please tell me what is hard to understand with these notes instead.

I have no problem understanding what these notes are saying. I just
don't understand their position. Why in the installation process, when
the actions will have to be taken after the installation and have no
direct relation to the package's usability?

Conclusion: If you want to keep the current philosophy of the package
without bothering users with pointless notes, you should take the
following actions:
* remove harden/welcome (or move it to a README.Debian file)
   It is already output with priority low, so I do not really agree.
  
  Even with a low priority, once again, imagine that every package
  displays a note with Hello, you are using the foobar package. You
  can find more documentation blablabla It would simply make the low
  priority unused by users.
 
 That is what you have low priority for. The default is medium and therefore
 you will not have them printed with the default option. So what is the
 problem?

No, low priority is for very customized configuration options that
should not be displayed to the normal user during the installation.
Welcome notes should not exist, as advanced users don't care about these
notes and normal users won't see them as they don't want to have too
difficult questions to answer.

* remove harden-*/plaintext and emphasize (if needed) the package
  description about the conflicts
   But they are not for describing the conflicts.
  
  See above.
  
* provide documentations such as README, manpage, ... for
  harden-servers/inetd and harden-servers/vncserver (and of course
  remove those notes)
   
   No I will not do this last point, unless inetd have changed their
   defaults of course.
  
  Still the same difference of opinion, i.e. something like that has no
  added value during the package configuration process.
 
 BUT the package has NO use without the notes and the conflicts!!! It does
 not contain anything else.

I indeed think that the only use of the package is to use the conflicts
field. And this is a good idea to avoid installing unsecured packages.
But if I want to harden a system, I won't follow your debconf
instructions but read the complete documentation.

  I'm afraid our main disagreement is the distinction I made between
  installation/configuration of a package and use of a package. It seems
  to me that you consider you're using a package as soon as you start
  to install it.
 In this case it is true as this is mostly a meta package with some
 additional help to the user.
 
  If I'm right with this last statement, then I will change my
  argumentation :-)
  
  Sorry to be so insistent for the removal of these debconf templates, but
  one of my main activities within Debian is debconf-related QA and I'm
  still convinced that you are using debconf where you should not.
  That's why I really would like to see this issue fixed :-)
 
 Well I am still not convinced and as I have seen that this package is
 used by quite a few people I assume that people like the idea of it.

I also think the Conflicts part is a good idea. However, the notes at
their current position aren't.

 You are the first person to complain about these notes.

No, I'm not, please read #144652 for example.

I don't know exactly how your users are using your package, but I don't
think they are really using your notes to configure their systems. They
just take advantage of the Conflicts part, and use the normal
documentation to harden the rest of the system.

I'm just reading the other bug reports, it seems that most (all?) of
them are asking for conflicts and not new instructions (if we do not take
into account bugs that are not related to usage or were filed by you).

 If you get consensus about this on debian-devel (which I do not read
 by the way) or you can convince many people to answer this bug with
 the same opinion I may change my mind.
 
 You see the inetd note was created because users requested that inetd
 servers should be disabled by default when installing this package. I
 decided that it was not a good thing to change configuration so
 therefore I added this note.
 
 The plaintext password notes were added because I could not find
 out a good way to configure all servers to use encryption, so that
 note was added.

Once again, I don't think stopping the installation process to tell the
user what your package is not doing and what he has to do manually is a
good idea.

 I still do not understand why you think they are so bad, as these
 two things are quite important for hardening of a system. A better
 thing would of course be if I had implemented functions for editing
 inetd services and also to configure password handling for 

Bug#363931: harden: Please do not abuse debconf

2006-04-22 Thread Ola Lundqvist
Hi

On Sat, Apr 22, 2006 at 01:18:09PM +0200, Thomas Huriaux wrote:
 Hi again,
 
 Ola Lundqvist [EMAIL PROTECTED] (22/04/2006):
  On Fri, Apr 21, 2006 at 10:52:40PM +0200, Thomas Huriaux wrote:
   Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
  Please tell me what is hard to understand with these notes instead.
 
 I have no problem understanding what these notes are saying. I just
 don't understand their position. Why in the installation process, when
 the actions will have to be taken after the installation and have no
 direct relation to the package's usability?

Because there is no way to display things at the end of the installation
process, right?

 Conclusion: If you want to keep the current philosophy of the package
 without bothering users with pointless notes, you should take the
 following actions:
 * remove harden/welcome (or move it to a README.Debian file)
It is already output with priority low, so I do not really agree.
   
   Even with a low priority, once again, imagine that every package
   displays a note with Hello, you are using the foobar package. You
   can find more documentation blablabla It would simply make the low
   priority unused by users.
  
  That is what you have low priority for. The default is medium and therefore
  you will not have them printed with the default option. So what is the
  problem?
 
 No, low priority is for very customized configuration options that
 should not be displayed to the normal user during the installation.
 Welcome notes should not exist, as advanced users don't care about these
 notes and normal users won't see them as they don't want to have too
 difficult questions to answer.

What you are saying is that notes should not be used at all, even with
low priority. I know that the manpage says that it should be avoided, but
I still think it is valid in this situation.

 * remove harden-*/plaintext and emphasize (if needed) the package
   description about the conflicts
But they are not for describing the conflicts.
   
   See above.
   
 * provide documentations such as README, manpage, ... for
   harden-servers/inetd and harden-servers/vncserver (and of course
   remove those notes)

No I will not do this last point, unless inetd have changed their
defaults of course.
   
   Still the same difference of opinion, i.e. something like that has no
   added value during the package configuration process.
  
  BUT the package has NO use without the notes and the conflicts!!! It does
  not contain anything else.
 
 I indeed think that the only use of the package is to use the conflicts
 field. And this is a good idea to avoid installing unsecured packages.
 But if I want to harden a system, I won't follow your debconf
 instructions but read the complete documentation.

I can agree that reading the full doc is what you should do. These notes
are for new maintainers and therefore printed with low or medium priority.

If it help I 

   I'm afraid our main disagreement is the distinction I made between
   installation/configuration of a package and use of a package. It seems
   to me that you consider you're using a package as soon as you start
   to install it.
  In this case it is true as this is mostly a meta package with some
  additional help to the user.
  
   If I'm right with this last statement, then I will change my
   argumentation :-)
   
   Sorry to be so insistent for the removal of these debconf templates, but
   one of my main activities within Debian is debconf-related QA and I'm
   still convinced that you are using debconf where you should not.
   That's why I really would like to see this issue fixed :-)
  
  Well I am still not convinced and as I have seen that this package is
  used by quite a few people I assume that people like the idea of it.
 
 I also think the Conflicts part is a good idea. However, the notes at
 their current position aren't.
 
  You are the first person to complain about these notes.
 
 No, I'm not, please read #144652 for example.

That bug does not complain about the display of the message but rather that it
does not have an intelligent check before displaying it.

 I don't know exactly how your users are using your package, but I don't
 think they are really using your notes to configure their systems. They
 just take advantage of the Conflicts part, and use the normal
 documentation to harden the rest of the system.
 
 I'm just reading the other bug reports, it seems that most (all?) of
 them are asking for conflicts and not new instructions (if we do not take
 into account bugs that are not related to usage or were filed by you).

Yes, and?

These notes are the first most important general things to consider for a
default installed system.

  If you get consensus about this on debian-devel (which I do not read
  by the way) or you can convince many people to answer this bug with
  the same 

Bug#363931: harden: Please do not abuse debconf

2006-04-22 Thread Thomas Huriaux
Ola Lundqvist [EMAIL PROTECTED] (22/04/2006):
 On Sat, Apr 22, 2006 at 01:18:09PM +0200, Thomas Huriaux wrote:
  Ola Lundqvist [EMAIL PROTECTED] (22/04/2006):
   On Fri, Apr 21, 2006 at 10:52:40PM +0200, Thomas Huriaux wrote:
Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
 On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
   Please tell me what is hard to understand with these notes instead.
  
  I have no problem understanding what these notes are saying. I just
  don't understand their position. Why in the installation process, when
  the actions will have to be taken after the installation and have no
  direct relation to the package's usability?
 
 Because there is no way to display things at the end of the installation
 process, right?

No, but *after* the installation process, there are plenty of ways.
It would then be displayed when it is appropriate for the user to see it,
i.e. when he intends to take the actions suggested by the harden
packages, but related to other packages' configuration.


  No, low priority is for very customized configuration options that
  should not be displayed to the normal user during the installation.
  Welcome notes should not exist, as advanced users don't care about these
  notes and normal users won't see them as they don't want to have too
  difficult questions to answer.
 
 What you are saying is that notes should not be used at all, even with
 low priority. I know that the manpage says that it should be avoided, but
 I still think it is valid in this situation.

No, I'm not saying that notes should not be used at all. It should be
used for important notes related to the _installation_ of a package.
For example, if the user should rename a configuration file to get the
package working, if an upgrade failed, etc.
Here, you are telling the user that he should configure *other* packages
during the installation of your package.


  I indeed think that the only use of the package is to use the conflicts
  field. And this is a good idea to avoid installing unsecured packages.
  But if I want to harden a system, I won't follow your debconf
  instructions but read the complete documentation.
 
 I can agree that reading the full doc is what you should do. These notes
 are for new maintainers and therefore printed with low or medium priority.

The full doc or an introduction, or everything else appropriate for my
level of knowledge. But I won't read it during the installation of a
package, as I'd better wait for the package to be installed before doing
anything.


   You are the first person to complain about these notes.
  
  No, I'm not, please read #144652 for example.
 
 That bug does not complain about the display of the message but rather that it
 does not have an intelligent check before displaying it.

Quoting the bug:
  It was also a bit annoying that it interrupted the smooth progress of
  my apt-get upgrade part-way through for a very non-critical
  non-question.
This is one of my main arguments since the beginning of the discussion,
and exactly what is said in the debconf-devel manpage.


  I don't know exactly how your users are using your package, but I don't
  think they are really using your notes to configure their systems. They
  just take advantage of the Conflicts part, and use the normal
  documentation to harden the rest of the system.
  
  I'm just reading the other bug reports, it seems that most (all?) of
  them are asking for conflicts and not new instructions (if we do not take
  into account bugs that are not related to usage or were filed by you).
 
 Yes, and?

So I don't think your users are expecting instruction notes, but mainly
a real meta-package with Conflicts, Recommends, etc. But this is only
hypothetical, as I don't know any of these users.


 These notes are the first most important general things to consider
 for a default installed system.

But why display it during the _installation_ of the package?
That should be displayed when you want to harden your system, i.e. when
you are _using_ the harden package, not installing it.


   If you get consensus about this on debian-devel (which I do not read
   by the way) or you can convince many people to answer this bug with
   the same opinion I may change my mind.
   
   You see the inetd note was created because users requested that inetd
   servers should be disabled by default when installing this package. I
   decided that it was not a good thing to change configuration so
   therefore I added this note.
   
   The plaintext password notes were added because I could not find
   out a good way to configure all servers to use encryption, so that
   note was added.
  
  Once again, I don't think stopping the installation process to tell the
  user what your package is not doing and what he has to do manually is a
  good idea.
 
 Then please file a bug report to debconf to tell that this function should
 be totally removed. For what else should these notes be, than to tell that

Bug#363931: harden: Please do not abuse debconf

2006-04-22 Thread Ola Lundqvist
Hi

On Sat, Apr 22, 2006 at 08:53:06PM +0200, Thomas Huriaux wrote:
 Ola Lundqvist [EMAIL PROTECTED] (22/04/2006):
  On Sat, Apr 22, 2006 at 01:18:09PM +0200, Thomas Huriaux wrote:
   Ola Lundqvist [EMAIL PROTECTED] (22/04/2006):
On Fri, Apr 21, 2006 at 10:52:40PM +0200, Thomas Huriaux wrote:
 Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
  On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
Please tell me what is hard to understand with these notes instead.
   
   I have no problem understanding what these notes are saying. I just
   don't understand their position. Why in the installation process, when
   the actions will have to be taken after the installation and have no
   direct relation to the package's usability?
  
  Because there is no way to display things at the end of the installation
  process, right?
 
 No, but *after* the installation process, there are plenty of ways.
 It would then be displayed when it is appropriate for the user to see it,
 i.e. when he intends to take the actions suggested by the harden
 packages, but related to other packages' configuration.

The intention of the harden package was that installing the package should
be enough for basic hardening of the system. That is why these notes are
there. There are plenty of tools that can be run after the installation
and some of them are suggested by the harden suite.

 
   No, low priority is for very customized configuration options that
   should not be displayed to the normal user during the installation.
   Welcome notes should not exist, as advanced users don't care about these
   notes and normal users won't see them as they don't want to have too
   difficult questions to answer.
  
  What you are saying is that notes should not be used at all, even with
  low priority. I know that the manpage says that it should be avoided, but
  I still think it is valid in this situation.
 
 No, I'm not saying that notes should not be used at all. It should be
 used for important notes related to the _installation_ of a package.
 For example, if the user should rename a configuration file to get the
 package working, if an upgrade failed, etc.
 Here, you are telling the user that he should configure *other* packages
 during the installation of your package.

To harden a system means that you need to configure *other* packages.

   I indeed think that the only use of the package is to use the conflicts
   field. And this is a good idea to avoid installing unsecured packages.
   But if I want to harden a system, I won't follow your debconf
   instructions but read the complete documentation.
  
  I can agree that reading the full doc is what you should do. These notes
  are for new maintainers and therefore printed with low or medium priority.
 
 The full doc or an introduction, or everything else appropriate for my
 level of knowledge. But I won't read it during the installation of a
 package, as I'd better wait for the package to be installed before doing
 anything.
 
 
You are the first person to complain about these notes.
   
   No, I'm not, please read #144652 for example.
  
  That bug does not complain about the display of the message but rather that it
  does not have an intelligent check before displaying it.
 
 Quoting the bug:
   It was also a bit annoying that it interrupted the smooth progress of
   my apt-get upgrade part-way through for a very non-critical
   non-question.
 This is one of my main arguments since the beginning of the discussion,
 and exactly what is said in the debconf-devel manpage.
 
 
   I don't know exactly how your users are using your package, but I don't
   think they are really using your notes to configure their systems. They
   just take advantage of the Conflicts part, and use the normal
   documentation to harden the rest of the system.
   
   I'm just reading the other bug reports, it seems that most (all?) of
   them are asking for conflicts and not new instructions (if we do not take
   into account bugs that are not related to usage or were filed by you).
  
  Yes, and?
 
 So I don't think your users are expecting instruction notes, but mainly
 a real meta-package with Conflicts, Recommends, etc. But this is only
 hypothetical, as I don't know any of these users.
 
 
  These notes are the first most important general things to consider
  for a default installed system.
 
 But why display it during the _installation_ of the package?
 That should be displayed when you want to harden your system, i.e. when
 you are _using_ the harden package, not installing it.

You do not _use_ the harden package. It is there for conflicts and gives
you some guidance.
 
 
If you get consensus about this on debian-devel (which I do not read
by the way) or you can convince many people to answer this bug with
the same opinion I may change my mind.

You see the inetd note was created because users requested that inetd
servers should be disabled by default when 

Bug#363931: harden: Please do not abuse debconf

2006-04-21 Thread Thomas Huriaux
Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
 On Fri, Apr 21, 2006 at 12:31:03AM +0200, Thomas Huriaux wrote:
  Ola Lundqvist [EMAIL PROTECTED] (20/04/2006):
   On Thu, Apr 20, 2006 at 07:32:00PM +0200, Thomas Huriaux wrote:
All of your debconf notes are typical Debconf abuse. Such notes have no
added value during the package configuration process. The
information they contain should go to the package documentation
and should never stop the installation process.
   
   You have misunderstood the purpose of this package suite.
   
   The harden packages provide _nothing_ more than a guide for
   the system administrator with conflicts, dependencies and
   debconf output.
   
   That is why I'll now mark this package as wontfix.
   
   But if you can give me a good explanation of why I should remove
   a specific debconf question then I may change my mind. I have
   checked the debconf output and cannot see that there is anything
   wrong with them.
  
  You are speaking about debconf questions, but you are only using debconf
  notes which are not related with the installation/configuration of the
  package.
  Debconf is made to configure a package, not to provide documentation.
 
 Notes or questions. The package does not provide more than help to the
 administrator.
 
   The only thing I can see is that maybe the priority can be
   discussed, but I think it is valid to have medium for the more
   important ones and low for the less important.
   
   If you want to install a system without being stopped by this
   kind of questions you can change the debconf input level or
   change the frontend for debconf.
  
  I don't want to install a system without being stopped by questions, I
  want to have to care only about the configuration of the packages I'm
  installing during the installation process. So, if the installation stop,
  it should only to prompt for something needed to configure the package
  or to mention something *very* important I have to do after the
  installation of the package to get it working.
 
 Yes, but it is important for hardening of the system to follow the instructions
 mentioned. Without them there is not much use for the package.

But if your package does nothing else than providing help to the
administrator, why don't you create a simple binary to display these
instructions? I still don't understand the reason to display these
instructions during the installation process, as it does not change
anything for the package usability.

-- 
Thomas Huriaux




Bug#363931: harden: Please do not abuse debconf

2006-04-21 Thread Ola Lundqvist
Hi

On Fri, Apr 21, 2006 at 12:14:01PM +0200, Thomas Huriaux wrote:
 But if your package does nothing else than providing help to the
 administrator, why don't you create a simple binary to display these
 instructions? I still don't understand the reason to display these
 instructions during the installation process, as it does not change
 anything for the package usability.

Why should I create a binary when I can just write it in the documentation?

The usefulness of this package is that the admin will know about
this _during_ the installation.

I still do not understand why you have a problem with this.

Regards,

// Ola

 -- 
 Thomas Huriaux



-- 
 --- Ola Lundqvist systemkonsult --- M Sc in IT Engineering 
/  [EMAIL PROTECTED]   Annebergsslingan 37\
|  [EMAIL PROTECTED]   654 65 KARLSTAD|
|  http://www.opal.dhs.org   Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---





Bug#363931: harden: Please do not abuse debconf

2006-04-21 Thread Thomas Huriaux
Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
 On Fri, Apr 21, 2006 at 12:14:01PM +0200, Thomas Huriaux wrote:
  But if your package does nothing else than providing help to the
  administrator, why don't you create a simple binary to display these
  instructions? I still don't understand the reason to display these
  instructions during the installation process, as it does not change
  anything for the package usability.
 
 Why should I create a binary when I can just write it in the documentation?

My idea with a binary was to remove the conflicts, and to let the user
choose what to be removed or not by launching this binary. For example:

  test if servers with plaintext passwords are installed
  if true
display harden-servers/plaintext
prompt the user to remove the incriminated package
if yes
  removal of the incriminated package

But that would change the philosophy of the package.

 The usefulness of this package is that the admin will know about
 this _during_ the installation.
 
 I still do not understand why you have a problem with this.

Because installation is not the place to care about this. As I've said,
the purpose of a package should be documented on places such as package
description, project website, ..., the use of a package should be
documented in manpages, README files, etc. Keep the things where they
belong.

Just imagine that every package displays debconf notes such as your
package does (i.e. notes that are not related with the package
configuration). I really think that Debian would be unconfigurable, as
every package would stop the installation procedure many times
(especially true for harden/welcome, even if it is also true for the
other notes).

Another problem that I see with this: during the installation procedure,
I usually only want to configure the newly installed packages. In this
case, I'm installing the harden suite and plenty of other packages. As
I've seen that the Debconf notes were not related with the configuration,
I just read them but took no action immediatly, as it is better to finish
the full installation before reconfiguring other packages. Now that my
installation is finished, I want to make my system secure.
I don't think that dpkg-reconfigure harden-servers is the intuitive
way to find the instructions (this is especially true for the
harden-servers/vncserver and harden-servers/inetd notes).

Finally, I would accept some notes being displayed during the installation
procedure, but only before being prompted by apt/aptitude if I accept to
remove packages that conflict with harden* (in the case of
harden-servers/plaintext and harden-clients/plaintext). This is
unfortunately not possible, AFAIK. With the current conception of the
package, these notes are displayed too late to be useful during the
installation procedure.

Conclusion: If you want to keep the current philosophy of the package
without bothering users with pointless notes, you should take the
following actions:
* remove harden/welcome (or move it to a README.Debian file)
* remove harden-*/plaintext and emphasize (if needed) the package
  description about the conflicts
* provide documentations such as README, manpage, ... for
  harden-servers/inetd and harden-servers/vncserver (and of course
  remove those notes)

Cheers,

-- 
Thomas Huriaux




Bug#363931: harden: Please do not abuse debconf

2006-04-21 Thread Ola Lundqvist
Hi

On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
 Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
  On Fri, Apr 21, 2006 at 12:14:01PM +0200, Thomas Huriaux wrote:
   But if your package does nothing else than providing help to the
   administrator, why don't you create a simple binary to display these
   instructions? I still don't understand the reason to display these
   instructions during the installation process, as it does not change
   anything for the package usability.
  
  Why should I create a binary when I can just write it in a documentation.
 
 My idea with a binary was to remove the conflicts, and to let the user
 choose what to be removed or not by launching this binary. For example:
 
   test if servers with plaintext passwords are installed
   if true
     display harden-servers/plaintext
     prompt the user to remove the incriminated package
     if yes
       removal of the incriminated package
 
 But that would change the philosophy of the package.

Hmm. Maybe the plaintext description is not very clear... What I want to
tell in them is that even if a package supports encryption you need
to really make use of it. That is why they are displayed.

  The usefulness of this package is that the admin will know about
  this _during_ the installation.
  
  I still do not understand why you have a problem with this.
 
 Because installation is not the place to care about this. As I've said,
 the purpose of a package should be documented on places such as package
 description, project website, ..., the use of a package should be
 documented in manpages, README files, etc. Keep the things where they
 belong.

But this package is intended for people that are not that used to Debian
and security hardening. They probably do not even know about the README.Debian
files anyway.

 Just imagine that every package displays debconf notes such as your
 package does (i.e. notes that are not related with the package
 configuration). I really think that Debian would be unconfigurable, as
 every package would stop the installation procedure many times
 (especially true for harden/welcome, even if it is also true for the
 other notes).

I agree in general but I still think that these notes are valid to print.

 Another problem that I see with this: during the installation procedure,
 I usually only want to configure the newly installed packages. In this
 case, I'm installing the harden suite and plenty of other packages. As
 I've seen that the Debconf notes were not related with the configuration,
 I just read them but took no action immediately, as it is better to finish
 the full installation before reconfiguring other packages. Now that my
 installation is finished, I want to make my system secure.
 I don't think that dpkg-reconfigure harden-servers is the intuitive
 way to find the instructions (this is especially true for the
 harden-servers/vncserver and harden-servers/inetd notes).

We can of course add the notes to the README.Debian file as well as the
debconf output.

 Finally, I would accept some notes being displayed during the installation
 procedure, but only before being prompted by apt/aptitude if I accept to
 remove packages that conflict with harden* (in the case of
 harden-servers/plaintext and harden-clients/plaintext). This is
 unfortunately not possible, AFAIK. With the current conception of the
 package, these notes are displayed too late to be useful during the
 installation procedure.

What? The notes are not for you to remove packages but to make sure that
you try to configure your system for encryption.

 Conclusion: If you want to keep the current philosophy of the package
 without bothering users with pointless notes, you should take the
 following actions:
 * remove harden/welcome (or move it to a README.Debian file)
It is already with priority low output, so I do not really agree.

 * remove harden-*/plaintext and emphasize (if needed) the package
   description about the conflicts
But they are not for describing the conflicts.

 * provide documentations such as README, manpage, ... for
   harden-servers/inetd and harden-servers/vncserver (and of course
   remove those notes)

No I will not do this last point, unless inetd has changed its
defaults of course.

Regards,

// Ola

 Cheers,
 
 -- 
 Thomas Huriaux



-- 
 - Ola Lundqvist ---
/  [EMAIL PROTECTED] Annebergsslingan 37  \
|  [EMAIL PROTECTED] 654 65 KARLSTAD  |
|  +46 (0)54-10 14 30  +46 (0)70-332 1551   |
|  http://www.opal.dhs.org UIN/icq: 4912500 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Bug#363931: harden: Please do not abuse debconf

2006-04-21 Thread Thomas Huriaux
Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
 On Fri, Apr 21, 2006 at 07:35:01PM +0200, Thomas Huriaux wrote:
  Ola Lundqvist [EMAIL PROTECTED] (21/04/2006):
   The usefulness of this package is that the admin will know about
   this _during_ the installation.
   
   I still do not understand why you have a problem with this.
  
  Because installation is not the place to care about this. As I've said,
  the purpose of a package should be documented on places such as package
  description, project website, ..., the use of a package should be
  documented in manpages, README files, etc. Keep the things where they
  belong.
 
 But this package is intended for people that are not that used to Debian
 and security hardening. They probably do not even know about the README.Debian
 files anyway.

Do you really think that people not used to Debian and security
hardening will understand that the notes they read during the
installation process are instructions to apply after the installation?

  Just imagine that every package displays debconf notes such as your
  package does (i.e. notes that are not related with the package
  configuration). I really think that Debian would be unconfigurable, as
  every package would stop the installation procedure many times
  (especially true for harden/welcome, even if it is also true for the
  other notes).
 
 I agree in general but I still think that these notes are valid to print.
 
  Another problem that I see with this: during the installation procedure,
  I usually only want to configure the newly installed packages. In this
  case, I'm installing the harden suite and plenty of other packages. As
  I've seen that the Debconf notes were not related with the configuration,
  I just read them but took no action immediately, as it is better to finish
  the full installation before reconfiguring other packages. Now that my
  installation is finished, I want to make my system secure.
  I don't think that dpkg-reconfigure harden-servers is the intuitive
  way to find the instructions (this is especially true for the
  harden-servers/vncserver and harden-servers/inetd notes).
 
 We can of course add the notes to the README.Debian file as well as the
 debconf output.
 
  Finally, I would accept some notes being displayed during the installation
  procedure, but only before being prompted by apt/aptitude if I accept to
  remove packages that conflict with harden* (in the case of
  harden-servers/plaintext and harden-clients/plaintext). This is
  unfortunately not possible, AFAIK. With the current conception of the
  package, these notes are displayed too late to be useful during the
  installation procedure.
 
 What? The notes are not for you to remove packages but to make sure that
 you try to configure your system for encryption.

Then it is worse than I thought. If these notes are not even made to
explain what's happening during the installation process, then they
really should be removed.

  Conclusion: If you want to keep the current philosophy of the package
  without bothering users with pointless notes, you should take the
  following actions:
  * remove harden/welcome (or move it to a README.Debian file)
 It is already with priority low output, so I do not really agree.

Even with a low priority, once again, imagine that every package
displays a note with "Hello, you are using the foobar package. You
can find more documentation blablabla". It would simply make the low
priority unused by users.

  * remove harden-*/plaintext and emphasize (if needed) the package
    description about the conflicts
 But they are not for describing the conflicts.

See above.

  * provide documentations such as README, manpage, ... for
    harden-servers/inetd and harden-servers/vncserver (and of course
    remove those notes)
 
 No I will not do this last point, unless inetd have changed their
 defaults of course.

Still the same difference of opinion, i.e. something like that has no
added value during the package configuration process.

I'm afraid our main disagreement is the distinction I made between
installation/configuration of a package and use of a package. It seems
for me that you consider you're using a package as soon as you start
to install it.
If I'm right with this last statement, then I will change my
argumentation :-)

Sorry to be so insistent for the removal of these debconf templates, but
one of my main activities within Debian is debconf-related QA and I'm
still convinced that you are using debconf where you should not.
That's why I really would like to see this issue fixed :-)

Cheers,

-- 
Thomas Huriaux




Bug#363931: harden: Please do not abuse debconf

2006-04-20 Thread Thomas Huriaux
Package: harden
Version: 0.1.20
Severity: normal

Hi,

All of your debconf notes are typical Debconf abuse. Such notes have no
added value during the package configuration process. The
information they contain should go to the package documentation
and should never stop the installation process.

Cheers,

-- 
Thomas Huriaux




Bug#363931: harden: Please do not abuse debconf

2006-04-20 Thread Ola Lundqvist
tags 363931 + wontfix
thanks

Hi

On Thu, Apr 20, 2006 at 07:32:00PM +0200, Thomas Huriaux wrote:
 Package: harden
 Version: 0.1.20
 Severity: normal
 
 Hi,
 
 All of your debconf notes are typical Debconf abuse. Such notes have no
 added value during the package configuration process. The
 information they contain should go to the package documentation
 and should never stop the installation process.

You have misunderstood the purpose of this package suite.

The harden packages provide _nothing_ more than a guide for
the system administrator with conflicts, dependencies and
debconf output.

That is why I'll now mark this package as wontfix.

But if you can give me a good explanation on why I should remove
a specific debconf question then I may change my mind. I have
checked the debconf output and cannot see that there is anything
wrong with them.

The only thing I can see is that maybe the priority can be
discussed, but I think it is valid to have medium for the more
important ones and low for the less important.

If you want to install a system without being stopped by this
kind of questions you can change the debconf input level or
change the frontend for debconf.

Regards,

// Ola

 Cheers,
 
 -- 
 Thomas Huriaux






Bug#363931: harden: Please do not abuse debconf

2006-04-20 Thread Thomas Huriaux
Ola Lundqvist [EMAIL PROTECTED] (20/04/2006):
 On Thu, Apr 20, 2006 at 07:32:00PM +0200, Thomas Huriaux wrote:
  All of your debconf notes are typical Debconf abuse. Such notes have no
  added value during the package configuration process. The
  information they contain should go to the package documentation
  and should never stop the installation process.
 
 You have misunderstood the purpose of this package suite.
 
 The harden packages provide _nothing_ more than a guide for
 the system administrator with conflicts, dependencies and
 debconf output.
 
 That is why I'll now mark this package as wontfix.
 
 But if you can give me a good explanation on why I should remove
 a specific debconf question then I may change my mind. I have
 checked the debconf output and cannot see that there is anything
 wrong with them.

You are speaking about debconf questions, but you are only using debconf
notes which are not related with the installation/configuration of the
package.
Debconf is made to configure a package, not to provide documentation.

 The only thing I can see is that maybe the priority can be
 discussed, but I think it is valid to have medium for the more
 important ones and low for the less important.
 
 If you want to install a system without being stopped by this
 kind of questions you can change the debconf input level or
 change the frontend for debconf.

I don't want to install a system without being stopped by questions, I
want to have to care only about the configuration of the packages I'm
installing during the installation process. So, if the installation stops,
it should only be to prompt for something needed to configure the package
or to mention something *very* important I have to do after the
installation of the package to get it working.
I will check later how to use the package, and I check a package before
installing it to know what it is aimed at.

Please remember that you have plenty of ways to provide documentation:
README.Debian, manpages, ... and do not forget to keep debconf for its
own purpose: to configure a package.

Cheers,

-- 
Thomas Huriaux




Bug#363931: harden: Please do not abuse debconf

2006-04-20 Thread Ola Lundqvist
Hi

On Fri, Apr 21, 2006 at 12:31:03AM +0200, Thomas Huriaux wrote:
 Ola Lundqvist [EMAIL PROTECTED] (20/04/2006):
  On Thu, Apr 20, 2006 at 07:32:00PM +0200, Thomas Huriaux wrote:
   All of your debconf notes are typical Debconf abuse. Such notes have no
   added value during the package configuration process. The
   information they contain should go to the package documentation
   and should never stop the installation process.
  
  You have misunderstood the purpose of this package suite.
  
  The harden packages provide _nothing_ more than a guide for
  the system administrator with conflicts, dependencies and
  debconf output.
  
  That is why I'll now mark this package as wontfix.
  
  But if you can give me a good explanation on why I should remove
  a specific debconf question then I may change my mind. I have
  checked the debconf output and cannot see that there is anything
  wrong with them.
 
 You are speaking about debconf questions, but you are only using debconf
 notes which are not related with the installation/configuration of the
 package.
 Debconf is made to configure a package, not to provide documentation.

Notes or questions. The package does not provide more than help to the
administrator.

  The only thing I can see is that maybe the priority can be
  discussed, but I think it is valid to have medium for the more
  important ones and low for the less important.
  
  If you want to install a system without being stopped by this
  kind of questions you can change the debconf input level or
  change the frontend for debconf.
 
 I don't want to install a system without being stopped by questions, I
 want to have to care only about the configuration of the packages I'm
 installing during the installation process. So, if the installation stops,
 it should only be to prompt for something needed to configure the package
 or to mention something *very* important I have to do after the
 installation of the package to get it working.

Yes but it is important for hardening of the system to follow the instructions
mentioned. Without that there is not much use of the package.

 I will check later how to use the package, and I check a package before
 installing it to know what it is aimed at.
 
 Please remember that you have plenty of ways to provide documentation:
 README.Debian, manpages, ... and do not forget to keep debconf for its
 own purpose: to configure a package.

Yes and that is what harden-doc is for, the full documentation. If that
is all you want then install just that package.

I agree with you when it comes to packages that provide actual
functionality. The intention of this package is different as its only
intention is to help people that are not so used to security to get
some help in the process to get a better (hardened) system.

But still if you have suggestions on how to improve specific questions
(I still use that word even if they are notes) then please do so. Maybe
some checks could be done to see if the admin has already followed that
instruction?

Best regards,

// Ola

 Cheers,
 
 -- 
 Thomas Huriaux


