[crux-devel] meeting notes & next IRC Meeting

Daniel Mueller daniel at danm.de
Tue May 30 22:40:01 UTC 2006


On Monday 29 May 2006 22:36, Brett Goulder wrote:

> > 1. move /etc/rc.d/net to iproute2
> >   The consensus here was that we'll move /etc/rc.d/net to iproute2 for
> >   2.3 but keep shipping net-tools
>
> If iproute2 is smaller/simpler/better in some way to ifconfig, then I'm all
> for it.

It's not smaller and it's not simpler [1]. It is the only tool that takes 
advantage of recent kernel network features [2]. 

> > 2. use PAM
> >   This has to be investigated, it's a tough balance between features and
> >   simplicity; integrating CRUX into certain infrastructures can be
> >   rather hard without PAM, and the transition seems painful. We need to
> >   evaluate the impact of this before deciding
>
> I think we're better off without it, CRUX is, after all, a distribution
> following the KISS way of life, so complexity like this seems wrong. I
> would probably end up modifying half of core/opt/contrib to kill PAM from
> my system and I think others who enjoy the simplicity of CRUX would
> probably get annoyed by PAM. I vote that PAM stays out of CRUX.

Why would you get annoyed by PAM? If it is proper configured you won't even 
notice the difference nor you need to touch it. Only to make that clear: PAM 
is the de facto standard (ALL major Linux distributions ship it). New 
directory services/infrastructures requiring authentication utilize PAM (e.g. 
kerberos, ldap). I don't like this egoistic thinking: "I don't need it -> 
leave it out!". 
It's a pain in the ass to configure PAM if it is not pre-installed. People 
depending on PAM have to modify numerous ports only to get it running ('cause 
it doesn't work out-of-the-box). Later then, they need to keep an eye of 
every particular port they have modified (port updates, security flaws etc.).

> [..] I would probably end up modifying half of core/opt/contrib to kill PAM
> from my system [..]

Just don't touch it. getspent(3) works with and without PAM - you're not 
forced to access your system's /etc/shadow file through pam(_unix).

> I think we're better off without it, CRUX is, after all, a distribution
> following the KISS way of life, so complexity like this seems wrong.

CRUX users need to configure their kernels themself, configure their system 
without GUI editors, have to compile applications themself and you're telling 
me that PAM is too 'complex'? Or did you mean the CRUX user base is too lazy 
to read documentation[3]? Let me quote some words I found on CRUX's main 
page "[..] targeted at experienced Linux users", "The secondary focus is 
utilization of new Linux features and recent tools and libraries".

bye, danm

PS: I kindly ask you to reconfigure your mail client to NOT include the email 
addresses then answering. In Sylpheed go to

Configuration -> Common Preferences -> Tab: Compose -> Tab: Format

Please replace the %f symbol to %N in the "Reply format" text box and remove 
From:, To: and CC: completely in the "Forward format" text box. Thanks.

[1] http://crux.danm.de/files/x86/iproute2/net.rc
[2] http://linux-net.osdl.org/index.php/Iproute2
[3] http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/
-- 
Daniel Mueller
Berlin, Germany         OpenPGP: 1024D/E4F4383A



More information about the crux-devel mailing list