[leafnode-list] Re: FQDN and systemd

Matthias Andree matthias.andree at gmx.de
Tue Dec 16 00:46:53 CET 2014


Am 15.12.2014 um 23:58 schrieb Matěj Cepl:
> On 2014-12-15, 19:35 GMT, Matthias Andree wrote:
>> it does not appear to be "required"; it seems to be 
>> a convenience wrapper of some bloatware tool collection that 
>> believes it knows everything better.
> 
> Believe I am not the one to fight too hard for systemd and its 
> related projects, but ... anyway, fair game, it's your package, 
> so you are to decide.

Hi Matěj,

I am wondering if this bears much relevance anyhow.  If users install
leafnode from scratch on bare-bones operating systems, they will need to
know their way around.  If users use some guided text-mode or graphics
mode installer from one of the major distros that would package
leafnode, I assume that these installers also ask for the hostname and
the name of the primary user.

Thank you for sharing your rpmlint results, some will want fixing in the
next snapshot.

> While working on the Fedora package for Leafnode 2 our rpmlint 
> tool told me (among other things, which are mostly my issues) 
> about this:
> 
>     file-not-utf8 
>         /usr/share/doc/leafnode-2.0.0.alpha20140727b/AUTHORS
>         /usr/share/doc/leafnode-2.0.0.alpha20140727b/TODO
>         /usr/share/man/man8/fetchnews.8.gz
>     The character encoding of this file is not UTF-8.

What's missing in AUTHORS?  The ö and ě seem to be UTF-8 encoded.

Can I declare the man8/fetchnews.8 charset inline in the roff sources,
or is that charset stuff still out-of-band in the man(1) configuration?
(I haven't looked at F21 yet, and don't have Rawhide handy.)


>     incorrect-fsf-address 

Warrants fixing.

>     non-standard-dir-perm
>         /var/spool/news 02755L
>         /var/spool/news/leaf.node 02755L
>     A standard directory should have permission set to 0755. If 
>     you get this message, it means that you have wrong directory 
>     permissions in some dirs included in your package.

Only that set-gid is for inheriting the group for newly-created
directories (with on-the-fly repairs) no matter what the primary group
of the creating user is.  I think this permits taking some short cuts
with shared users that are members of the "news" group. Leafnode-2 alpha
/still/ could be used by a news reader that accesses the spool directly
(with potential issues for groups where the names need to be munged, so
that directories no longer match newsgroup name components).

>     non-readable
>         /etc/leafnode/filters 0640L
>         /etc/leafnode/local.groups 0640L
>         /etc/leafnode/uucp 0640L
>         /etc/leafnode/config 0640L
>     The file can't be read by everybody.
> 
> I am not saying that I agree with all of these (particularly 
> permission issues are very difficult, and perhaps I have screwed 
> up somewhere in my building scripts and these permissions are 
> actually not what you think is best; speak up, please, then!), 
> but I think it could be helpful to let you know about these.

The "config" file may contain passwords for upstream servers and thus
needs to be locked down in that situation.  You might make a case for
"split credentials out of config so it can remain open".  Feel free to
provide patches that add an "include" statement, or thereabouts.
There's a Git repository. Clone, hack away, and send patchbombs. :-)

The other three might be opened up for reading, it's all a matter of
local policy at the end of the day.  The plan was that people use NNTP
to request group lists, so that the authentication can determine which
groups are exposed.  The idea is that people who let their kids log onto
their computers need not show the p0rn groups to the kids.  I'm not sure
how much of that is left after I needed to rip out the Lua stuff due to
failing access limitation.

Unfortunately the Lua branch maintainer, Clemens Fischer, is AWOL and I
lost contact (his mail domain disappeared and he did not respond to
list-based calls for his new address), and I never found the time to dig
through the Lua code and hooks and fix it properly myself.

Best,
Matthias



More information about the leafnode-list mailing list