releases and stuff
archaic at linuxfromscratch.org
Tue Nov 9 07:55:21 PST 2004
On Tue, Nov 09, 2004 at 03:04:24PM +0000, Bennett Todd wrote:
> And, as we've been discussing, it's appealing doing the entire
> build as a non-priv user.
As I was trying to point out, that can be done entirely without a
destdir. I've been using the more_control hint for at least 2 years.
Either way, if the book goes the route of non-root installs (which
sounds, in theory, like a very good idea), there will be *loads* of
extra text dealing with specific little package niggles.
> Another advantage of software packaging, that might be worth
> considering, is that the tooling automation it provides can help in
> tracking and incorporating updates to upstream versions --- such as
> security fixes.
But eventually we have to get to the following questions;
What do we use for a package manager?
Is this book primarily for building a hardened server, or teaching how
to build a hardened server? (or where on the scale should we be?)
What role do we take in teaching good admin *practices* versus teaching
how to admin a box?
> It can also make it easier to partition work, maintaining individual
> packages, perhaps by different people.
Yes, but multiple admins is a highly debatable, highly personal, and
highly advanced topic. I know you are using it in context of supporting
evidence, but I just wanted to throw out there for everyone that that is
not something we should use as a means of justifying package management.
It should be for us (i.e. the writers and readers) merely a possible
enhancement gained by using package management.
There should be no doubt as to the validity of package management in a
secure environment. To me, that seems as elementary as the concept of
building a new (or updated) package on the devel box and *testing* it
before moving it to the real server.
One point I must make is that I try as much as possible to remove my own
feelings and preferences from the decision making process because I
don't by any stretch of imagination have a lock on the best way to do
things. I'm seeking what is best for the book. I appreciate the fact
that you do the same as well as conjuring up thought provoking questions
that will lead us to a more balanced view of the overall design.
Never could an increase of comfort or security be a sufficient good to
be bought at the price of liberty.
- Hillaire Belloc
More information about the hlfs-dev