[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?

Florian Hubold doktor5000 at arcor.de
Thu Sep 22 21:37:04 CEST 2011 

Am 22.09.2011 00:09, schrieb Luc Menut:
> Le 21/09/2011 20:35, Florian Hubold a écrit :
>> Hello,
>>
>> during validation of validation of msec/sectool update candidates,
>> a problem showed up: https://bugs.mageia.org/show_bug.cgi?id=1621
> ...
>>
>> But if we want security reports to be sent to local users if they
>> specify so, how to proceed further?
>>
>
> msec can work very well without sending these reports by email; all the 
> security's reports are available in /var/log/security, and msec notifies the 
> user about this at each time it runs, so sendmail is absolutely not mandatory.
> So I think that msec shouldn't have a Requires on sendmail-command, 
> eventually it can be a Suggest.
>
> But perhaps we could/should change the configuration of msec to not send 
> email by default, by adding MAIL_WARN=no in /etc/security/msec/security.conf.
>
>
So, to summarize, there happen to be multiple solutions here:


1. do NOT require an MTA, let users manually read reports from /var/log/security
     maybe even remove nail from msec Requires as it is currently non-functional.
     Also Luc's proposal cited above could be realized.

2. do require sendmail-command, which will pose a problem to users
     installing from the CLI, because they are presented with a choice:

    One of the following packages is required:
       1 dma
       2 ssmtp
       3 postfix
       4 sendmail
       5 msmtp
    Please make a selection:

     Additionally this will force an MTA onto every default installation and every
     installation that currently has msec installed.

3. do require dma, which is a rather minimal MTA, and delivers without 
configuration
     Please see https://bugs.mageia.org/show_bug.cgi?id=2255#c36 for details.
     This would also allow coexistence with an already-installed MTA, IIUC.

4. Try to fix nail, which is required by msec and so in every default installation,
     so that it is able to deliver mail by itself, without sendmail.

Please give your votes.

More information about the Mageia-dev mailing list