On Sun, Apr 12, 2015 at 08:22:44AM -0400, Aaron Hunter wrote:
I think the way Digium has structured the binary packages could use a major
change. I rely on the binary packages rather than compiling by source
because my systems are managed by an automated CM tool (I use Ansible but
those using Chef or Puppet will face the same problems) and for security
reasons. I use the CentOS packages.
If you don't like the existing packages, build your own packages.
Some issues with the current package structure are:
- It installs unneeded repositories. The asterisknow package install 12
repositories, of which I use at most 4 (2 asterisk and 2 digium)
- It changes which repositories are enabled and disabled.
- It overwrites .repo files
- Packages are not signed
- It overwrites /etc/issue which is a security violation (albeit a minor
one).
- It installs packages I don't need such as the dahdi ones.( Maybe some of
these are needed for a minimal system, I could be wrong.)
Unless something changed recently, there's a separate package
asterisk-dahdi. Don't install it if you don't want it.
- It requires the --enablerepo=x in the yum command line
The conflict between the Digium repositories and epel is a problem for me
as well but since I can't determine what the actual cause is (probably
package naming issues) I won't include it in my list.
Do include an example output of a conflict so we can have an idea of the
potential problem.
These problems break the automated management of my system and cause
security concerns.
Instead of the complex current system I would recommend something more
simple:
- Remove asterisknow or at least make it optional
- Allow users to install a minimally functioning asterisk from the
asterisk-x and asterisk-current repos only. Any additional modules needed
should be installed separately, including those from the commercial digium
repositories.
- Sign the packages and enable gpgcheck
- Don't overwrite system files or current .repo files
What's the problem?
Have you considered providing your own asterisk.conf with an alternative
astetcdir?
In other words: install asterisk .repo files, yum install asterisk, install
config files, done.
yum install asterisk means it installs a pre-defined set of modules.
But you preffered to have a more modular packaging.
If others on this list also use automated tools to manage their systems I'd
like to hear how you handle the installation and maintenance of asterisk.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users