From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier <boklm@mageia.org>
Date: Sun, 14 Apr 2013 13:46:12 +0000
Subject: Add zarb MLs html archives

---
 zarb-ml/mageia-dev/2011-September/008326.html | 189 ++++++++++++++++++++++++++
 1 file changed, 189 insertions(+)
 create mode 100644 zarb-ml/mageia-dev/2011-September/008326.html

(limited to 'zarb-ml/mageia-dev/2011-September/008326.html')

diff --git a/zarb-ml/mageia-dev/2011-September/008326.html b/zarb-ml/mageia-dev/2011-September/008326.html
new file mode 100644
index 000000000..d7072bcfe
--- /dev/null
+++ b/zarb-ml/mageia-dev/2011-September/008326.html
@@ -0,0 +1,189 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20%5BRFC%5D%20msec%20%28nail%29%20can%27t%20send%20reports%20to%20local%0A%20users%20accounts%20-%20require%20an%20MTA%3F&In-Reply-To=%3C4E7BA477.9050406%40laposte.net%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   <LINK REL="Previous"  HREF="008336.html">
+   <LINK REL="Next"  HREF="008334.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?</H1>
+    <B>andre999</B> 
+    <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20%5BRFC%5D%20msec%20%28nail%29%20can%27t%20send%20reports%20to%20local%0A%20users%20accounts%20-%20require%20an%20MTA%3F&In-Reply-To=%3C4E7BA477.9050406%40laposte.net%3E"
+       TITLE="[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?">andre999.mga at laposte.net
+       </A><BR>
+    <I>Thu Sep 22 23:11:19 CEST 2011</I>
+    <P><UL>
+        <LI>Previous message: <A HREF="008336.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local	users accounts - require an MTA?
+</A></li>
+        <LI>Next message: <A HREF="008334.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#8326">[ date ]</a>
+              <a href="thread.html#8326">[ thread ]</a>
+              <a href="subject.html#8326">[ subject ]</a>
+              <a href="author.html#8326">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>Florian Hubold a &#233;crit :
+&gt;<i> Am 22.09.2011 00:09, schrieb Luc Menut:
+</I>&gt;&gt;<i> Le 21/09/2011 20:35, Florian Hubold a &#233;crit :
+</I>&gt;&gt;&gt;<i> Hello,
+</I>&gt;&gt;&gt;<i>
+</I>&gt;&gt;&gt;<i> during validation of validation of msec/sectool update candidates,
+</I>&gt;&gt;&gt;<i> a problem showed up: <A HREF="https://bugs.mageia.org/show_bug.cgi?id=1621">https://bugs.mageia.org/show_bug.cgi?id=1621</A>
+</I>&gt;&gt;<i> ...
+</I>&gt;&gt;&gt;<i> But if we want security reports to be sent to local users if they
+</I>&gt;&gt;&gt;<i> specify so, how to proceed further?
+</I>&gt;&gt;<i>
+</I>&gt;&gt;<i> msec can work very well without sending these reports by email; all
+</I>&gt;&gt;<i> the security's reports are available in /var/log/security, and msec
+</I>&gt;&gt;<i> notifies the user about this at each time it runs, so sendmail is
+</I>&gt;&gt;<i> absolutely not mandatory.
+</I>&gt;&gt;<i> So I think that msec shouldn't have a Requires on sendmail-command,
+</I>&gt;&gt;<i> eventually it can be a Suggest.
+</I>&gt;&gt;<i>
+</I>&gt;&gt;<i> But perhaps we could/should change the configuration of msec to not
+</I>&gt;&gt;<i> send email by default, by adding MAIL_WARN=no in
+</I>&gt;&gt;<i> /etc/security/msec/security.conf.
+</I>&gt;&gt;<i>
+</I>&gt;<i> So, to summarize, there happen to be multiple solutions here:
+</I>&gt;<i>
+</I>&gt;<i> 1. do NOT require an MTA, let users manually read reports from
+</I>&gt;<i> /var/log/security
+</I>&gt;<i> maybe even remove nail from msec Requires as it is currently
+</I>&gt;<i> non-functional.
+</I>
+Reading from /var/log/security is not especially user-friendly, and will be 
+ignored by less savy users.
+
+&gt;<i> Also Luc's proposal cited above could be realized.
+</I>
+see below.
+
+&gt;<i> 2. do require sendmail-command, which will pose a problem to users
+</I>&gt;<i> installing from the CLI, because they are presented with a choice:
+</I>&gt;<i>
+</I>&gt;<i> One of the following packages is required:
+</I>&gt;<i> 1 dma
+</I>&gt;<i> 2 ssmtp
+</I>&gt;<i> 3 postfix
+</I>&gt;<i> 4 sendmail
+</I>&gt;<i> 5 msmtp
+</I>&gt;<i> Please make a selection:
+</I>&gt;<i>
+</I>&gt;<i> Additionally this will force an MTA onto every default installation and
+</I>&gt;<i> every
+</I>&gt;<i> installation that currently has msec installed.
+</I>
+Solution 3 avoids the complication of choosing, with virtually no disadvantage.
+
+&gt;<i> 3. do require dma, which is a rather minimal MTA, and delivers without
+</I>&gt;<i> configuration
+</I>&gt;<i> Please see <A HREF="https://bugs.mageia.org/show_bug.cgi?id=2255#c36">https://bugs.mageia.org/show_bug.cgi?id=2255#c36</A> for details.
+</I>&gt;<i> This would also allow coexistence with an already-installed MTA, IIUC.
+</I>
+(dragonfly mail agent)
+If this works, I'd say that it is the best solution, since it is very compact 
+(64k), and virtually every system will have the DNS it requires installed.
+(Unless of course they don't have Internet or network access.  In which case 
+msec would not be particularly important.)
+Note that it is only at version 0.2 (or 0.3 upstream), so we should test it 
+carefully.
+
+&gt;<i> 4. Try to fix nail, which is required by msec and so in every default
+</I>&gt;<i> installation,
+</I>&gt;<i> so that it is able to deliver mail by itself, without sendmail.
+</I>
+Solution #3 seems much better in every respect.
+
+&gt;<i> Please give your votes.
+</I>
+Solution 3, with changes/verifications noted below.
+Since it is much simpler for the end-user to always have the capability to send 
+security alerts if an email address is entered, without installing anything extra.
+
+There are 2 options at the bottom of the first security page of msec, which 
+should already realise Luc's proposals.  They may have to be fixed.
+
+a) An option to send a security alert by email, where one enters the email 
+address.  By default it is checked.
+However, if no valid format email address is entered, an email should _not_ be 
+sent.
+As well, we should display something similar to
+&quot;(Enter {userid}@localhost for a local user.)&quot;,
+  to help ensure that the user enters a valid local address.
+(Note that there are multi-line descriptions for all the other options above on 
+the same page, so this would fit nicely.)
+
+b) An option to display security alerts on the desktop.  Again, checked by 
+default.  They should probably remain visible until the user dismisses them. 
+(They currently display for a few seconds, then disappear.)
+
+My 2 cents :)
+
+-- 
+Andr&#233;
+</PRE>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	<LI>Previous message: <A HREF="008336.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local	users accounts - require an MTA?
+</A></li>
+	<LI>Next message: <A HREF="008334.html">[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#8326">[ date ]</a>
+              <a href="thread.html#8326">[ thread ]</a>
+              <a href="subject.html#8326">[ subject ]</a>
+              <a href="author.html#8326">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
+mailing list</a><br>
+</body></html>
-- 
cgit v1.2.1