BTS

Message4896

Author mika
Recipients estellnb
Date 2014-11-18.21:32:22
Content
* Elmar Stellnberger wrote in grml's BTS on 20141118 / 15:49:

[network service startup]
> > We start by default what's considered to be important for our target audience.
> > E.g. there's no point in not starting dhcp by default for the usual scenarios
> > Grml is used in. If you don't want to start dhcp you can easily turn it off by
> > using the nodhcp boot option.

> > What we *could* discuss though is whether it would make sense to make startup of
> > rpcbind/rpb.statd and avahi-daemon more controllable (though we never had a
> > single user requesting this since a long time, so I'm wondering whether it's
> > really such an issue?). Any opinions on that?

> Why not give it an additional boot option (alltogether not only nodhcp) and
> add that option to the default boot menu? This is an important use case.
> I have seen that you have so many boot options; why not add one called
> 'without networking' and/or 'with manual network setup only'.

Because we'd have to overlay/rewrite/adjust any existing init script
that's providing network services to be able to provide such a
"without networking" feature. And if there's not much gain and
demand for it why invest our limited manpower to it? If you know a
better way how to implement that please let us know.

[...]
> Remember that turning off services may not be possible if the wlan
> interface is turned on by default.

You usually need to configure the WLAN interface to even get an IP,
so I can't follow your logic here, sorry.

> >> * gpg keys of all major distributions should be included in order to be able to
> >> verify downloads made via GRML. A similar issue has already been posted for the
> >> System Rescue CD: http://www.sysresccd.org/forums/viewtopic.php?f=6&t=5208
[...]
> I see your point that there will be some overhead in managing such a list.

Feel free to come up with maintaining such a list, I won't do it
since I don't see this as feature relevant for Grml.

> However I believe you did not consider my considerations about it yet:
> If you only have an untrusted internet connection (and we all have) then
> we need some way to fetch the keys via another more trusted medium.
[...]
> I believe you will. - A shop purchased DVD including GRML will be 100%
> safe following this argumentation while simply downloading something
> is known to be 100% unsafe these days.

I disagree, this would mean that you'd rely on the Grml ISO as a
middle man, instead of just verifying the keys on your own. And
checksums and Web of Trust exists.

regards,
-mika-
History
Date User Action Args
2014-11-18 21:32:22mikasetrecipients: + estellnb
2014-11-18 21:32:22mikalinkissue1326 messages
2014-11-18 21:32:22mikacreate