Fernando J. Pereda’s blag

May 27, 2008

Shipping default configurations

Filed under: blag — Tags: — Fernando J. Pereda @ 1:08 am

I’ve spent a couple of days getting postfix into arbor. At some point, I got to decide what to provide our users with with respect to configurations.

Postfix has two main configuration files, main.cf and master.cf. The former controls general postfix settings like “who do I accept mail from?” (mynetworks), “for which hosts am I going to receive mail?” (mydestination), “who do I send mail to?” (relayhost) and so on. While the latter specifies which servers (postfix works by doing different tasks in different servers) are going to be run and whith which parameters.

In Exherbo, we are going to follow upstream unless when we can’t. In this particular case, upstream’s wording isn’t particularly clear to me. They discourage providing a big file full of comments by default (which is what Gentoo does) so that people don’t tinker with stuff they don’t understand. And they encourage packagers to provide a small configuration. Turns out this isn’t exactly possible since there are several different use cases for a software package like postfix.

I also hate what Debian does, they usually provide a default configuration and automagically start the service. Leaving you potentially open to security attacks.

In the end, I decided to ship a simple example configuration file that postfix won’t see and let users provide their own configuration. I, for instance, expect people using postfix to know what they are doing and to be able to configure it themselves. For the master.cf, I ended up copying the one in the source distribution since that one seems simple enough.

What do you think about this? Do you expect software to be configured for you upfront?

It is not like it is going to change what we do in Exherbo, but I got curious.

— ferdy

Advertisements

6 Comments »

  1. “so that people don’t tinker with stuff they don’t understand”

    IMHO, comments are great for explaining things so one does understand. I for one don’t change my mail configuation often enough to really remember the configuation settings.

    Example files are good. Not automatically adding the service to the runlevel and starting it is also good.

    My 2c.

    Comment by clearchris — May 27, 2008 @ 3:23 am

  2. For me, putting an essay inside a config file doesn’t help at all (see lm-sensors for example). I’ve found it much easier when the default config file just contains commented out default values with a few explanations.

    I couldn’t agree more with you on Debian though; that whole system seems designed to screw up my train of thought by doing things behind my back.

    Comment by ant — May 27, 2008 @ 4:11 am

  3. I’m fairly split on this.

    One way, it’s nice to have a basic, well documented, working example to start from.

    The other way, you probably should be reading up on how to properly configure whatever it is you are working on.

    I think the middle road would probably be if upstream provided a good example to start from. It sounds like this is what postfix is doing.

    Maybe it’d be useful to store metadata to the effect of where you’d go looking for how to configure something, and display this to the user at some point, like ‘default configurations installed to /some/path. See http://somewhere.com as a starting point for configuring’.

    Comment by Josh Nichols — May 27, 2008 @ 5:33 am

  4. “What do you think about this? Do you expect software to be configured for you upfront?”

    that depends on the software.

    non-critical services could be pre-configured . i like gentoo for providing e.g. preconfigured ivman which works just fine with default setup, whereas in archlinux i have to copy the example configs under their default names even though i don’t edit them at all.

    more critical and complicated stuff (e.g. network/security services) should provide example config that would help first-time users to setup the service but no default config to make it work out-of-the-box, unless there are some sensible (secure) defaults for the service. /etc/conf.d/net.example is a fine example, even though it’s not for an upstream package, but for gentoo itself.

    Comment by yoshi314 — May 27, 2008 @ 8:56 am

  5. @clearchris: That comment comes from Postfix documentation for packagers. I do agree with it though. People tinkering with stuff they don’t know are more likely to screw their configuration. I also think having a completely blank file is moronic, which is why I ended up providing a very simple example configuration.

    @ant: The problem here is that the amount of values to comment is huge. I personally dislike working with several Kb files that are full of comments. Mainly because you can’t see what the current configuration is without scrolling several pages back and forth.

    @Josh: Well, in this case upstream is asking packagers to provide a config themselves. What postfix provides is (for main.cf) a commented files with every single value of postfix configuration. But I do agree with you.

    @yoshi314: Agreed. I’m up for providing a default configuration for, say, syslog-ng. I just feel some packages like mail servers and so should be configured by the user instead of being configured upfront to avoid further problems.

    — ferdy

    Comment by Fernando J. Pereda — May 27, 2008 @ 10:34 am

  6. I like the idea of sticking as close as possible to upstream. Makes it a lot easier to find documentation. Just my 2cents.

    Comment by Daniel — May 27, 2008 @ 9:52 pm


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: