Server issues
I can't be at the meeting today, but I have two issues that trouble me.
AVAHI I absolutely hate avahi. I don't want my machines to be advertising services and trying to find them, especially when I am running a server that's connected straight to the Internet. But getting avahi off a system is harder than I expected, especially since avahi doesn't seem to have good documentation. (1) Should avahi ever be on a production server that's exposed to the net? (2) Is there any documentation on how to get it off the system and still leave the system in a usable and upgradeable state? DOCUMENTATION Every package should have a man page as a matter of course, because the manpage system is the standard documentation This is especially so in a command-line only environment. manpage-alert tells me that about 10% of the packages on my server, and 20% of the packages on my Ubuntu desktop machines, don't have man pages. Substantially all of the missing man pages are from packages that are maintained by the Ubuntu community. Debian policy requires man pages before including the package in the repositories. Every once in a while, some slip into the repos without the man pages, but mostly Debian does a good job of requiring this basic level of documentation. Happy Trails, Loye Young Isaac & Young Computer Company Laredo, Texas http://www.iycc.biz -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
On Nov 20, 2007 3:52 PM, Loye Young <loye.young@iycc.net> wrote:
> I can't be at the meeting today, but I have two issues that trouble me. > > > AVAHI > I absolutely hate avahi. I don't want my machines to be advertising > services and trying to find them, especially when I am running a > server that's connected straight to the Internet. But getting avahi > off a system is harder than I expected, especially since avahi doesn't > seem to have good documentation. > (1) Should avahi ever be on a production server that's exposed to the net? > (2) Is there any documentation on how to get it off the system and > still leave the system in a usable and upgradeable state? About not starting avahi-daemon: (this is ubuntu/debian specific) sebest@delly2:~$ cat /etc/default/avahi-daemon # 0 = don't start, 1 = start AVAHI_DAEMON_START=1 set it to 0 and then sudo /etc/init.d/avahi-daemon stop Now on avahi-daemon will never start again If you only want avahi to publish nothing, just read the manpage: avahi-daemon.conf it is in the "SEE ALSO" of avahi-daemon disable-publishing=yes there are a lot of other well documented options to fit your needs About documentation, i think that every avahi tools has a manpage sebest@delly2:~$ man avahi- avahi-autoipd avahi-autoipd.action avahi-daemon avahi-daemon.conf On avahi website: http://avahi.org/wiki/Avah4users#Documentation So what is the missing documentation in avahi? > > DOCUMENTATION > Every package should have a man page as a matter of course, because > the manpage system is the standard documentation This is especially so > in a command-line only environment. manpage-alert tells me that about > 10% of the packages on my server, and 20% of the packages on my Ubuntu > desktop machines, don't have man pages. Substantially all of the > missing man pages are from packages that are maintained by the Ubuntu > community. Debian policy requires man pages before including the > package in the repositories. Every once in a while, some slip into the > repos without the man pages, but mostly Debian does a good job of > requiring this basic level of documentation. > > Happy Trails, > > Loye Young > Isaac & Young Computer Company > Laredo, Texas > http://www.iycc.biz > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam > -- Sebastien Estienne -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
> About documentation, i think that every avahi tools has a manpage
> sebest@delly2:~$ man avahi- > avahi-autoipd * * * * avahi-autoipd.action *avahi-daemon > avahi-daemon.conf <code> loyeyoung@homer :~$ man avahi* No manual entry for avahi loyeyoung@homer:~$ man avahi-daemon* # This does have a man page, but it doesn't explain much to someone who doesn't already know loyeyoung@homer:~$ man avahi-autoipd No manual entry for avahi-autoipd loyeyoung@homer:~$ man avahi-autoipd.action No manual entry for avahi-autoipd.action loyeyoung@homer:~$ man avahi-daemon.conf # This does have a man page, but it doesn't explain much to someone who doesn't already know </code> > About not starting avahi-daemon: (this is ubuntu/debian specific) <snip details> (1) Your comments are helpful and should be easily accessible in the documentation. (2) AVAHI_DAEMON_START=0 should be default, IMHO. Better yet, avahi shouldn't be on the system at all unless specifically installed. At most, it should be a "Suggested" dependency. (3) Still doesn't explain how to get avahi off the machine and leave it in a usable and upgradeable state. > So what is the missing documentation in avahi? (1) See above. (2) How it interacts with and overrides (some would argue "hijacks") the normal Debian networking system of ifupdown, /etc/network/interfaces, etc. (3) What the jargon in the documentation means. E.g., the following line from the avahi-daemon manpage is unintelligible to someone who doesn't already know the avahi system: ****** " The* daemon* registers local* IP addresses and static services using mDNS/DNS-SD and provides ****** two IPC APIs for local programs to make use of the mDNS* record* cache the* avahi-daemon maintains. " Whoever wrote this must have an affinity for tax regulations under the U.S. Internal Revenue Code. ;-) -- Loye Young Isaac & Young Computer Company Laredo, Texas (956) 857-1172 loye.young@iycc.net -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
BTW--
My comments on documentation are independent of my comments for Avahi and apply to the system as a whole. On Nov 20, 2007 8:52 AM, Loye Young < loye.young@iycc.net> wrote: I can't be at the meeting today, but I have two issues that trouble me. AVAHI I absolutely hate avahi. I don't want my machines to be advertising services and trying to find them, especially when I am running a server that's connected straight to the Internet. But getting avahi off a system is harder than I expected, especially since avahi doesn't seem to have good documentation. (1) Should avahi ever be on a production server that's exposed to the net? (2) Is there any documentation on how to get it off the system and still leave the system in a usable and upgradeable state? DOCUMENTATION Every package should have a man page as a matter of course, because the manpage system is the standard documentation This is especially so in a command-line only environment. manpage-alert tells me that about 10% of the packages on my server, and 20% of the packages on my Ubuntu desktop machines, don't have man pages. Substantially all of the missing man pages are from packages that are maintained by the Ubuntu community. Debian policy requires man pages before including the package in the repositories. Every once in a while, some slip into the repos without the man pages, but mostly Debian does a good job of requiring this basic level of documentation. Happy Trails, Loye Young Isaac & Young Computer Company Laredo, Texas http://www.iycc.biz -- Loye Young Isaac & Young Computer Company Laredo, Texas (956) 857-1172 loye.young@iycc.net -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
On Tuesday 20 November 2007 10:56, Loye Young wrote:
> > About not starting avahi-daemon: (this is ubuntu/debian specific) > > <snip details> > (1) Your comments are helpful and should be easily accessible in the > documentation. > (2) AVAHI_DAEMON_START=0 should be default, IMHO. Better yet, avahi > shouldn't be on the system at all unless specifically installed. At most, > it should be a "Suggested" dependency. > (3) Still doesn't explain how to get avahi off the machine and leave it in > a usable and upgradeable state. Agreed. IMO it's in technical compliance with no open ports by default, but really stretches the spirit of it. > > So what is the missing documentation in avahi? > > (1) See above. > (2) How it interacts with and overrides (some would argue "hijacks") the > normal Debian networking system of ifupdown, /etc/network/interfaces, etc. > (3) What the jargon in the documentation means. E.g., the following line > from the avahi-daemon manpage is unintelligible to someone who doesn't > already know the avahi system: > " The daemon registers local IP addresses and static services > using mDNS/DNS-SD and provides > two IPC APIs for local programs to make use of the mDNS record > cache the avahi-daemon maintains. " > Whoever wrote this must have an affinity for tax regulations under the U.S. > Internal Revenue Code. ;-) Personally I'd rather stay entirely away from it. The entire mDNS idea is a gross DNS hack that ends up piling .local queries up against the DNS roots. Scott K -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
On Nov 20, 2007 4:54 PM, Loye Young <loye.young@iycc.net> wrote:
> > About documentation, i think that every avahi tools has a manpage > > sebest@delly2:~$ man avahi- > > avahi-autoipd avahi-autoipd.action avahi-daemon > > avahi-daemon.conf > > <code> > loyeyoung@homer :~$ man avahi > No manual entry for avahi > loyeyoung@homer:~$ man avahi-daemon # This does have a man page, but it > doesn't explain much to someone who doesn't already know > loyeyoung@homer:~$ man avahi-autoipd > No manual entry for avahi-autoipd > loyeyoung@homer:~$ man avahi-autoipd.action > No manual entry for avahi-autoipd.action > loyeyoung@homer:~$ man avahi-daemon.conf # This does have a man page, but it > doesn't explain much to someone who doesn't already know > </code> > > > > About not starting avahi-daemon: (this is ubuntu/debian specific) > <snip details> > (1) Your comments are helpful and should be easily accessible in the > documentation. It's a community effort, you can now add this information to the documentation. > (2) AVAHI_DAEMON_START=0 should be default, IMHO. Better yet, avahi This is your opinion, some people doesn't agree, that's why it's possible to disable it. > shouldn't be the system at all unless installed. At most, it should be a > "Suggested" dependency. > (3) Still doesn't explain how to get avahi off the machine and leave it in a > usable and upgradeable state. Some part of an OS can't be removed (i don't know if it's the case for avahi) without breaking the system in some way. Why do you want to "remove" it, disabling it is not enough? > > > > So what is the missing documentation in avahi? > (1) See above. > (2) How it interacts with and overrides (some would argue "hijacks") the > normal Debian networking system of ifupdown, /etc/network/interfaces, etc. > (3) What the jargon in the documentation means. E.g., the following line > from the avahi-daemon manpage is unintelligible to someone who doesn't > already know the avahi system: It's perfectly intelligible to someone who knows zeroconf, avahi is just an implementation of of it. > " The daemon registers local IP addresses and static services > using mDNS/DNS-SD and provides > two IPC APIs for local programs to make use of the mDNS record > cache the avahi-daemon maintains. " > Whoever wrote this must have an affinity for tax regulations under the U.S. > Internal Revenue Code. ;-) Before this sentence that you can read: " The Avahi mDNS/DNS-SD daemon implementing Apple's ZeroConf architecture (also known as "Rendezvous" or "Bonjour")." If the manpage is not clear enough, you could look for "zeroconf" in wikipedia http://en.wikipedia.org/wiki/Zeroconf > > > > > On Nov 20, 2007 9:15 AM, Sebastien Estienne <sebastien.estienne@gmail.com> > wrote: > > On Nov 20, 2007 3:52 PM, Loye Young < loye.young@iycc.net> wrote: > > > I can't be at the meeting today, but I have two issues that trouble me. > > > > > > > > > AVAHI > > > I absolutely hate avahi. I don't want my machines to be advertising > > > services and trying to find them, especially when I am running a > > > server that's connected straight to the Internet. But getting avahi > > > off a system is harder than I expected, especially since avahi doesn't > > > seem to have good documentation. > > > (1) Should avahi ever be on a production server that's exposed to the > net? > > > (2) Is there any documentation on how to get it off the system and > > > still leave the system in a usable and upgradeable state? > > > > About not starting avahi-daemon: (this is ubuntu/debian specific) > > sebest@delly2:~$ cat /etc/default/avahi-daemon > > # 0 = don't start, 1 = start > > AVAHI_DAEMON_START=1 > > > > set it to 0 and then sudo /etc/init.d/avahi-daemon stop > > Now on avahi-daemon will never start again > > > > If you only want avahi to publish nothing, just read the manpage: > > avahi-daemon.conf it is in the "SEE ALSO" of avahi-daemon > > disable-publishing=yes > > > > there are a lot of other well documented options to fit your needs > > > > About documentation, i think that every avahi tools has a manpage > > sebest@delly2:~$ man avahi- > > avahi-autoipd avahi-autoipd.action avahi-daemon > > avahi-daemon.conf > > > > On avahi website: > > http://avahi.org/wiki/Avah4users#Documentation > > > > So what is the missing documentation in avahi? > > > > > > > > DOCUMENTATION > > > Every package should have a man page as a matter of course, because > > > the manpage system is the standard documentation This is especially so > > > in a command-line only environment. manpage-alert tells me that about > > > 10% of the packages on my server, and 20% of the packages on my Ubuntu > > > desktop machines, don't have man pages. Substantially all of the > > > missing man pages are from packages that are maintained by the Ubuntu > > > community. Debian policy requires man pages before including the > > > package in the repositories. Every once in a while, some slip into the > > > repos without the man pages, but mostly Debian does a good job of > > > requiring this basic level of documentation. > > > > > > Happy Trails, > > > > > > Loye Young > > > Isaac & Young Computer Company > > > Laredo, Texas > > > http://www.iycc.biz > > > > > > -- > > > ubuntu-server mailing list > > > ubuntu-server@lists.ubuntu.com > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > > > More info: https://wiki.ubuntu.com/ServerTeam > > > > > > > > > > > -- > > Sebastien Estienne > > > > > > -- > > Loye Young > Isaac & Young Computer Company > Laredo, Texas > (956) 857-1172 > loye.young@iycc.net > -- Sebastien Estienne -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
On Nov 20, 2007 5:29 PM, Scott Kitterman <ubuntu@kitterman.com> wrote:
> On Tuesday 20 November 2007 10:56, Loye Young wrote: > > > > About not starting avahi-daemon: (this is ubuntu/debian specific) > > > > <snip details> > > (1) Your comments are helpful and should be easily accessible in the > > documentation. > > (2) AVAHI_DAEMON_START=0 should be default, IMHO. Better yet, avahi > > shouldn't be on the system at all unless specifically installed. At most, > > it should be a "Suggested" dependency. > > (3) Still doesn't explain how to get avahi off the machine and leave it in > > a usable and upgradeable state. > > Agreed. IMO it's in technical compliance with no open ports by default, but > really stretches the spirit of it. No open ports by default? How would you use dhcp udp/68 or dns udp/53 without opening ports by default? if you are concern about security, you should use a firewall in the first place. > > > > So what is the missing documentation in avahi? > > > > (1) See above. > > (2) How it interacts with and overrides (some would argue "hijacks") the > > normal Debian networking system of ifupdown, /etc/network/interfaces, etc. > > (3) What the jargon in the documentation means. E.g., the following line > > from the avahi-daemon manpage is unintelligible to someone who doesn't > > already know the avahi system: > > " The daemon registers local IP addresses and static services > > using mDNS/DNS-SD and provides > > two IPC APIs for local programs to make use of the mDNS record > > cache the avahi-daemon maintains. " > > Whoever wrote this must have an affinity for tax regulations under the U.S. > > Internal Revenue Code. ;-) > > Personally I'd rather stay entirely away from it. The entire mDNS idea is a > gross DNS hack that ends up piling .local queries up against the DNS roots. > > Scott K > > -- > > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam > -- Sebastien Estienne -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
On Tue, 20 Nov 2007 16:15:59 +0100
"Sebastien Estienne" <sebastien.estienne@gmail.com> wrote: > sebest@delly2:~$ cat /etc/default/avahi-daemon > # 0 = don't start, 1 = start > AVAHI_DAEMON_START=1 But, that's not enough. Avahi (and everything done to make it usable) breaks some stuff on computers on which it doesn't even run. Best example is broken PPTP (VPN) when the other side is using .local domain. Then you have to edit /etc/nsswitch.conf and remove all the mdns stuff. I'm all for removing avahi. It did me more harm than good. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
On Tue, Nov 20, 2007 at 06:10:54PM +0100, Ante Karamatić wrote:
> On Tue, 20 Nov 2007 16:15:59 +0100 > "Sebastien Estienne" <sebastien.estienne@gmail.com> wrote: > > > sebest@delly2:~$ cat /etc/default/avahi-daemon > > # 0 = don't start, 1 = start > > AVAHI_DAEMON_START=1 > > But, that's not enough. Avahi (and everything done to make it > usable) breaks some stuff on computers on which it doesn't even run. > > Best example is broken PPTP (VPN) when the other side is using .local > domain. Then you have to edit /etc/nsswitch.conf and remove all the > mdns stuff. > > I'm all for removing avahi. It did me more harm than good. I can't stand it either. -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server issues
> > (2) AVAHI_DAEMON_START=0 should be default, IMHO.
> This is your opinion, some people doesn't agree, that's why it's > possible to disable it. Yes, reasonable minds can differ. That's not the issue. The issue is what should be the default. One could just as easily argue, as I do, that avahi should be disabled by default, and if you want it, you can install it. > Why do you want to "remove" it, disabling it is not enough? Excellent question, and raises the issue of why I hate it so much. The thing keeps coming back from the dead, especially at upgrade time. > It's a community effort, you can now add this information to the documentation. I don't think you are understanding my point about documentation. The thing that is really broken is the process. Yes, this particular information can be added to the docs for this particular piece of software, but that won't fix the process. If we don't nip this trend in the bud, we'll end up with substantially undocumented system that only a few "experts" contribute to. There are many specific reasons that Ubuntu is based on Debian, but all of the specifics are the result of a general process that produces a high quality product. The process is codified in the Debian Policy Manual. That process requires documentation so that everyone can participate and improve the product. It's not a difficult step to add a man page; it's just a step that needs doing _for_every_package_. > It's perfectly intelligible to someone who knows zeroconf, avahi is > just an implementation of of it. Well . . . that's my point: You have to already know zeroconf to understand the documentation. But that's silly, of course, because if you already know how it works, you don't need the documentation in the first place. > Before this sentence that you can read: > " The *Avahi *mDNS/DNS-SD *daemon *implementing *Apple's ZeroConf > architecture (also known as "Rendezvous" or "Bonjour")." > If the manpage is not clear enough, you could look for "zeroconf" in wikipedia > http://en.wikipedia.org/wiki/Zeroconf (1) If your networking system is hosed up, you can't read wikipedia or google. (2) If you want to rely on wikipedia, you don't need authoritative documentation on the system at all. For that matter, you don't need to include the source code either because you could just search the web and read the latest development branch online. While we're at it, let's go all the way and get rid of the help menus, too. We all hate writing help documentation, and anyway all the cool people already know. Let's all just ship a bunch of undocumented binaries and play hide-the-ball and go-find-it-yourself. I'm a manufacturer trying to fix Bug Number One. To do that, I have to ship a product that's easy to learn for those who DON'T already know. Loye -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
| All times are GMT. The time now is 05:05 PM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.