Security port: automated integration in the mail/file server - to do or not to do ?

[Ion-Mihai Tetcu]

On Wed, 12 Jan 2005 15:21:02 +0200
Adi Pircalabu <apircalabu at bitdefender.com> wrote:

> Hello,
> 
> I'm working for a security port and I noticed that none of the existing
> ones integrate their filters automatically after install, regardless of
> the agent they are installed for. Instead, every port gives (usually
> from pkg-message) the necessary information on how to integrate the
> filter.
> My question is: what is the right FreeBSD way to handle this filter
> integration issue? I definitely see two options:
> 1. automatic integration of the filter (probably from pkg-plist or
> pkg-install), including the needed changes in agent's configuration.
> 2. the integration should be done by the user using the information
> provided in post install messages.

While I try to make my ports as user friendly and automated as possible,
I would vote for 2) above. I hate when something just changes on my
system without me telling it to do so explicitly; plus I could very well
install the port today and wait to the end of the week to switch it on
for testing; plus there will always be some strange edge cases when
you'll just break some custom configuration.

Eventually (if possible, since I didn't saw that Makefile ;) ) if you
can somehow integrated the required changes but not activate them (e.g.
an rc script and a portname_enable="YES" that one should set to activate
them).

And BTW one would be able to run (part of) that "security port" as a
nice postfix queue filter without having to scratch its left left side
with the right foot, right ? :)


-- 
IOnut
Unregistered ;) FreeBSD "user"