Date: Wed, 20 Apr 2005 19:48:07 -0400 From: Yarema <yds@CoolRat.org> To: Jose M Rodriguez <josemi@freebsd.jazztel.es> Cc: freebsd-ports@freebsd.org Subject: Re: splitting courier-authlib into master+slave ports Message-ID: <B21804CCF113A1FF6814894C@tuber.coolrat.org> In-Reply-To: <200504202144.12138.josemi@redesjm.local> References: <20050414111426.775f6afd.lehmann@ans-netz.de> <20050420121254.34c59e53.lehmann@ans-netz.de> <9F0C7E4FBA18BFD0B3946DFE@tuber.coolrat.org> <200504202144.12138.josemi@redesjm.local>
next in thread | previous in thread | raw e-mail | index | archive | help
--On Wednesday, April 20, 2005 21:44:11 +0200 Jose M Rodriguez=20 <josemi@freebsd.jazztel.es> wrote: > El Wednesday 20 April 2005 20:27, Yarema escribi=F3: >> >> FWIW I'd like to weigh in with my opinion. I think this move to a >> meta port just so we can have OPTIONS selectable dependencies does >> little to improve usability. As I've argued before in an email to >> Oliver there's little need to have more than one >> courier-authlib-method port installed unless one is transitioning >> from one auth-method to another or just experimenting. >> > > Maybe, but you can trust me in this: have the base port and the > components selector in the same place it a bad design. I agree. >> One difference between the courier-authlib-20050408.00.tgz version >> and courier-authlib-20050420.00.tgz is that I make --with-authpam >> part of the base port's CONFIGURE_ARGS. This prevents libauthpwd.so.0 >> from being built and instead builds >> lib/courier-authlib/libauthpam.so.0. authpwd is discouraged as per >> <http://www.courier-mta.org/authlib/README_authlib.html>: >> >> NOTE: It might be tempting to throw in a towel and use authshadow or >> authpwd if you cannot figure out how to install PAM support, however >> that is not advisable. It is highly recommended to use authpam >> wherever the PAM library is available. >> > > We have a FreeBSD supported version without a pam library? I think no. > >> The authpwd module is also documented in the same README to use "the >> C library's getpw() functions" which in turn are documented to be >> made "made obsolete by getpwuid(3)" in the FreeBSD getpw(3) man page. >> >> So given the above two citations from both courier-authlib docs and >> FreeBSD's docs why not just do away with authpam being optional and >> make it the default part of the base package? >> Yes, we do have "a FreeBSD supported version without a pam library"=20 installed if only the base port is installed. I made this happen to for=20 the sake of completness and now I'm presenting arguments that it is a bad=20 idea. Thing is that the courier-authlib port, as it is committed NOW, will = install the no PAM version "libauthpwd.so.0" if NONE of the OPTIONS are=20 selected. Yet the PLIST in the current version does not include=20 "libauthpwd.so.0". See for yourself. Make sure that you have no WITH_ tunables in=20 /etc/make.conf and unselect all the options in 'make config' then 'make=20 install' and look in /usr/local/lib/courier-authlib/ -- you'll see that=20 there's a "libauthpwd.so.0" in there. Then 'pkg_delete=20 courier-authlib-0.55_1' and you'll get: pkg_delete: unable to completely remove directory=20 '/usr/local/lib/courier-authlib' pkg_delete: couldn't entirely delete package (perhaps the packing list is=20 incorrectly specified?) This is how things are NOW. I noticed this when I did my initial rewrite=20 and modified the base port PLIST to account for "libauthpwd.so.0". Now I'm = making a case to do away with it all together by making --with-authpam=20 nonoptional. I'm simply arguing to have something removed that noone=20 except me noticed existed. It's either we have "libauthpwd.so.0" or the more modern "libauthpam.so.0"=20 installed in the base port. Both essentially do the same thing by default. = All the documentation I cited points to PAM being the better choice. --=20 Yarema http://yds.CoolRat.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B21804CCF113A1FF6814894C>