From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2011-September/008331.html | 157 ++++++++++++++++++++++++++ 1 file changed, 157 insertions(+) create mode 100644 zarb-ml/mageia-dev/2011-September/008331.html (limited to 'zarb-ml/mageia-dev/2011-September/008331.html') diff --git a/zarb-ml/mageia-dev/2011-September/008331.html b/zarb-ml/mageia-dev/2011-September/008331.html new file mode 100644 index 000000000..424be9bdc --- /dev/null +++ b/zarb-ml/mageia-dev/2011-September/008331.html @@ -0,0 +1,157 @@ + + + + [Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA? + + + + + + + + + +

[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?

+ blind Pete + 0123peter at gmail.com +
+ Fri Sep 23 04:16:26 CEST 2011 +

+
+ +
on Fri, 23 Sep 2011 05:37
+in the Usenet newsgroup gmane.linux.mageia.devel
+Florian Hubold wrote:
+
+> Am 22.09.2011 00:09, schrieb Luc Menut:
+>> Le 21/09/2011 20:35, Florian Hubold a écrit :
+>>> Hello,
+>>>
+>>> during validation of validation of msec/sectool update candidates,
+>>> a problem showed up: https://bugs.mageia.org/show_bug.cgi?id=1621
+>> ...
+>>>
+>>> But if we want security reports to be sent to local users if they
+>>> specify so, how to proceed further?
+>>>
+>>
+>> msec can work very well without sending these reports by email; all the 
+>> security's reports are available in /var/log/security, and msec notifies the 
+>> user about this at each time it runs, so sendmail is absolutely not mandatory.
+>> So I think that msec shouldn't have a Requires on sendmail-command, 
+>> eventually it can be a Suggest.
+>>
+>> But perhaps we could/should change the configuration of msec to not send 
+>> email by default, by adding MAIL_WARN=no in /etc/security/msec/security.conf.
+>>
+>>
+> So, to summarize, there happen to be multiple solutions here:
+> 
+> 
+> 1. do NOT require an MTA, let users manually read reports from /var/log/security
+>      maybe even remove nail from msec Requires as it is currently non-functional.
+>      Also Luc's proposal cited above could be realized.
+
+1a.  Popup box (this sort of happens in KDE) or a "write" message to 
+the tty that says, "go read the logs".  
+
+> 2. do require sendmail-command, which will pose a problem to users
+>      installing from the CLI, because they are presented with a choice:
+> 
+>     One of the following packages is required:
+>        1 dma
+>        2 ssmtp
+>        3 postfix
+>        4 sendmail
+>        5 msmtp
+>     Please make a selection:
+> 
+>      Additionally this will force an MTA onto every default installation and every
+>      installation that currently has msec installed.
+> 
+> 3. do require dma, which is a rather minimal MTA, and delivers without 
+> configuration
+>      Please see https://bugs.mageia.org/show_bug.cgi?id=2255#c36 for details.
+>      This would also allow coexistence with an already-installed MTA, IIUC.
+> 
+> 4. Try to fix nail, which is required by msec and so in every default installation,
+>      so that it is able to deliver mail by itself, without sendmail.
+
+Impossible question but would that involve much work?  
+
+> Please give your votes.
+
+Anything that works is acceptable.  
+
+If you want to get fancy, offer a choice that includes 
+"none (will lose functionality)".  Default to whatever 
+MTA has already been selected, or dma if no previous 
+selection has been made.  
+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1