Subject: Re: portmap=no, nfs_{client,server}=yes
To: None <tech-userlevel@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-userlevel
Date: 11/19/1999 14:25:05
[Multiple messages quoted here.]
> Maybe we could get away with an extra comment next to the portmap=
> entry, plus the syslogged WARNING on boot if one of the other flags
> enables portmap?
> I really, really object to it starting portmap unless it's been
> specifically requested. [...default to more-secure...]
> Proposal:
> - If any portmap dependent service is enabled without
> portmap, syslog a big warning, and disable service.
> - Add a comment in rc.conf by each portmap dependent
> service to the effect it needs portmap enabled.
I am leery of anything that automatically enables or disables anything
based on anything else. I don't see why we should make it impossible
to run (say) the NFS server without portmap if that's what the admin
has configured. (A warning I have no problem with, though a nice frill
might be a way to tell it "yes, I know I configured it that way and
that's how I want it, shut up".)
"UNIX doesn't stop you from doing stupid things because that would also
stop you from doing clever things." I don't know what those clever
things might be in this case, but I'm sure they're lurking somewhere,
waiting for someone to discover them.
I guess it's a question of when it gets to the point of being unusual
enough that we don't mind telling people "if you want to do that, go
hack on /etc/rc".
der Mouse
mouse@rodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B