[Mageia-dev] [RFC] msec (nail) can't send reports to local users accounts - require an MTA?

blind Pete 0123peter at gmail.com
Fri Sep 23 04:16:26 CEST 2011 

on Fri, 23 Sep 2011 05:37
in the Usenet newsgroup gmane.linux.mageia.devel
Florian Hubold wrote:

> Am 22.09.2011 00:09, schrieb Luc Menut:
>> Le 21/09/2011 20:35, Florian Hubold a écrit :
>>> Hello,
>>>
>>> during validation of validation of msec/sectool update candidates,
>>> a problem showed up: https://bugs.mageia.org/show_bug.cgi?id=1621
>> ...
>>>
>>> But if we want security reports to be sent to local users if they
>>> specify so, how to proceed further?
>>>
>>
>> msec can work very well without sending these reports by email; all the 
>> security's reports are available in /var/log/security, and msec notifies the 
>> user about this at each time it runs, so sendmail is absolutely not mandatory.
>> So I think that msec shouldn't have a Requires on sendmail-command, 
>> eventually it can be a Suggest.
>>
>> But perhaps we could/should change the configuration of msec to not send 
>> email by default, by adding MAIL_WARN=no in /etc/security/msec/security.conf.
>>
>>
> So, to summarize, there happen to be multiple solutions here:
> 
> 
> 1. do NOT require an MTA, let users manually read reports from /var/log/security
>      maybe even remove nail from msec Requires as it is currently non-functional.
>      Also Luc's proposal cited above could be realized.

1a.  Popup box (this sort of happens in KDE) or a "write" message to 
the tty that says, "go read the logs".  

> 2. do require sendmail-command, which will pose a problem to users
>      installing from the CLI, because they are presented with a choice:
> 
>     One of the following packages is required:
>        1 dma
>        2 ssmtp
>        3 postfix
>        4 sendmail
>        5 msmtp
>     Please make a selection:
> 
>      Additionally this will force an MTA onto every default installation and every
>      installation that currently has msec installed.
> 
> 3. do require dma, which is a rather minimal MTA, and delivers without 
> configuration
>      Please see https://bugs.mageia.org/show_bug.cgi?id=2255#c36 for details.
>      This would also allow coexistence with an already-installed MTA, IIUC.
> 
> 4. Try to fix nail, which is required by msec and so in every default installation,
>      so that it is able to deliver mail by itself, without sendmail.

Impossible question but would that involve much work?  

> Please give your votes.

Anything that works is acceptable.  

If you want to get fancy, offer a choice that includes 
"none (will lose functionality)".  Default to whatever 
MTA has already been selected, or dma if no previous 
selection has been made.

More information about the Mageia-dev mailing list