[Mageia-dev] (second attempt) suggesting sectool be dropped

Claire Robinson eeeemail at gmail.com
Thu Nov 17 13:49:04 CET 2011

On 17/11/11 10:26, Michael scherer wrote:
> On Tue, Nov 15, 2011 at 11:39:29AM +0100, Florian Hubold wrote:
>> Am 15.11.2011 07:29, schrieb Michael Scherer:
>>> Le lundi 14 novembre 2011 à 22:09 -0800, Robert M. Riches Jr. a écrit :
>>>> (New list subscriber...needed to fix registered email address to post...)
>>>> I was asked to submit this suggestion to the mailing list:
>>>> As a Mageia user, I believe msec was much better off with_OUT_
>>>> sectool.  In its present state, sectool is BADLY broken.  It
>>>> whines for pages about file permissions that are exactly as they
>>>> should be.
>>> Can you be more specific ?
>> It think he means this: https://bugs.mageia.org/show_bug.cgi?id=2808
>> or https://bugs.mageia.org/show_bug.cgi?id=2255#c21 or
>> https://bugs.mageia.org/show_bug.cgi?id=2255#c22
>> I've also become supportive of this, sectool is basically duplicating
>> partly msec functionality, there was no adaption for Mageia, currently it's
>> checking on Mageia with the upstream Fedora configuration.
>> Honestly this should have been done when importing it, as
>> tmb already mentioned. msec should be patched to not require it.
>> When we can't even get our default security tool to work properly,
>> what's the point in adding a second one which needs even more
>> maintenance?
> As you say, the question is again "why was it uploaded in the first place".
> It seems some packages were uploaded, and there seemed to have not enough
> tests. While that's hard or impossible to avoid totally, that's not really
> the way to achieve a good distribution :/
> I neither use msec or sectool, so I personnaly do not care that much.
> Afaik, sectool was created by a ex mandriva/mandrake guy ( vincent danen ),
> because he was ( rightfully ) wanting to rewrite  msec, who is/was
> a mess of bash + python + perl code ( and rather ugly code, afaik, last time
> I took a look ), but if msec is supported, and sectool is not, then I guess
> we could drop. However, I still think we should first attempt to collaborate
> and fix it. ( ie, always have the reflex of "try to fix and collaborate" ).

As one of the people who tested it and the one who filed the bug linked 
to above which expresses the need for it to be configured, I object to 
this being blamed on QA! It seems we are kicked whenever anything is wrong.

I believe it is assigned to those higher up to provide a proper 

The bug was dated 22nd September and as yet no configuration exists. 
That does not reflect well on the distribution, not that QA haven't 
performed sufficient testing, which we obviously did.

Claire Robinson

More information about the Mageia-dev mailing list