Date: Sun, 24 Apr 2005 12:42:45 +0200 From: Jose M Rodriguez <josemi@freebsd.jazztel.es> To: freebsd-ports@freebsd.org Cc: Milan Obuch <ports@dino.sk> Subject: Re: splitting courier-authlib into master+slave ports Message-ID: <200504241242.45611.josemi@redesjm.local> In-Reply-To: <200504241013.26838.ports@dino.sk> References: <20050414111426.775f6afd.lehmann@ans-netz.de> <200504240933.08799.josemi@redesjm.local> <200504241013.26838.ports@dino.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
El Domingo, 24 de Abril de 2005 10:13, Milan Obuch escribi=F3:
> On Sunday 24 April 2005 09:33, Jose M Rodriguez wrote:
> > El S=E1bado, 23 de Abril de 2005 23:33, Oliver Lehmann escribi=F3:
> > > Milan Obuch wrote:
> > > > On Saturday 23 April 2005 22:27, Oliver Lehmann wrote:
> > > > > tomorrow i'll test if installing/deleting with packages works
> > > > > as expected (adding/deleting user, sysconftool calls...)
> > > >
> > > > I did test this - installed meta port, dependency installed
> > > > base port and userdb (selected method) port. Adding/deleting
> > > > user courier works. To me this looks OK. I will test this
> > > > against courier port (0.49 changed). Milan
> > >
> > > as a port or as a package? I've installed now all ports as
> > > package and it looks like everything works as well. Of course,
> > > the functional test I can only do with the vchkpw/vpopmail
> > > interface. Used with courier-imap and sqwebmail. As far as I can
> > > see, it works.
> > >
> > > Anything left?
> >
> > At last here, one potential problem arise:
> >
> > courier-authlib-base doesn't have any passwd components.
>
> ... which I consider to be good. It should be possible for user to
> select which one he wants.
>
I don't think so. A common user expects couier-authlib be capable of=20
reading system passwd 'out of the box'. The rest must be selectable.
> > I think we must take off courier-authlib-pwd and
> > courier-authlib-pam and direct build courier-authlib-base with pam
> > support.
>
> I do not agree here. To me this new design is better. I am building
> mail servers with virtual hosting and I do not want any unneeded
> components installed. Even small ones.
>
You may take out small component, but this is a system component.
> > This makes courier-authlib-base a good substitute of
> > courier-authlib in dependencies.
>
> For this particular problem, we should add a message telling 'no
> authentication module installed'. I see here just one problem - base
> port/package needs to be installed first, so this test will go to all
> ports depending on courier-authlib... Or maybe after installing base
> port we could just test the presence of options for meta port, and if
> this file/directory does not exist, issue a warning message to the
> user. This way we can even add confirmation request to the user.
>
This may fullfill your needs, but is a really ill system design. This=20
will end with courier-imap and so depends on courier-authlib-pam to=20
gets a minimal working setup.
I think that this is better:
--without-authcustom \
--without-authshadow \
+ --without-authpwd \
+ --with-authpam \
> To me this should be enough. If someone reads this message, he/she
> should understand without authentication module every attempt fails.
> If someone does not read install messages, well, we can't do anything
> for him... Milan
And you can't to disable authpam load in authdaemon to fullfill your=20
needs. Or are you able to do this without too much effort?
Well, can we route the PRs to you? I Expect 'some mail' if=20
courier-authlib can't read system passwd 'out of the box'.
=2D-
josemi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504241242.45611.josemi>