[pkg-dhcp-devel] Running the DHCP server as non-root

Andrew Pollock apollock at debian.org
Sun May 15 21:05:48 UTC 2011 

On Sun, May 15, 2011 at 01:15:33PM +0200, Matt Zimmerman wrote:
> On Thu, Apr 28, 2011 at 04:15:44PM -0700, Andrew Pollock wrote:
> > On Thu, Apr 28, 2011 at 03:04:34PM +0100, Matt Zimmerman wrote:
> > > I appreciate that, and it's a good practice.  How do you decide when the
> > > benefit of a patch is enough to offset this general principle?
> > 
> > Good question. Generally I just avoid getting on the slippery slope in the
> > first place, as once you start, it becomes a lot harder to say no.
> 
> I'm sure there are cases (like a build failure) where it wouldn't make sense
> to wait because of the severity of the problem in Debian.  This patch is
> obviously a different situation, but (in my opinion of course) offers good
> long-term benefits to Debian users.

Yeah fixing a build failure tends not to introduce new functionality, so
that is a different ball of wax. I'm particularly loathe to introduce
distro-specific functionality, where upstream may introduce something
similar but sufficient different in the future, that it makes switching to
the "proper" implementation more troublesome than just waiting for it to
come in the first place. 

That isn't the case for the particular patch we're talking about here, but
is the case for the patch Ubuntu applied to the client to allow it to send
its hostname without hard-coding it. That functionality has finally landed
in 4.2, and is implemented in a completely different manner to how the
Ubuntu patch does it.
 
> > > Have you found some more time to work on this past mid-April as you hoped?
> > > Is there any word from upstream?
> > 
> > Not yet, but thanks for the reminder, as this had totally slipped my mind.
> > I'm gradually getting things off my plate, and this is approaching the top.
> > 
> > I kicked upstream today, and they're going to get back to me. I'll schedule
> > a face to face meeting for some time in the next couple of weeks.
> 
> It's been a couple of weeks, and I'm curious if you've got feedback from
> upstream.  Would it help if I contacted them directly on behalf of Debian
> and CCed you?

I had lunch with then on Thursday and went over a number of bugs and patches
that I've escalated to them over the years, but are still unaddressed. The
de-rooting patch was one I covered in particular, given the ongoing interest
in it.

In following up, they told me about the --enable-paranoia and
--enable-early-chroot configure flags, which are apparently completely
undocumented. I need to investigate these further and see how much they
overlap with the existing de-rooting patch, if at all.

They're talking about a 4.3 release coming out in the fall I think they
said, so I'm hopeful now that I've repositioned the de-rooting patch on
their radar, that they'll consider it for inclusion in that feature release.

regards

Andrew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-dhcp-devel/attachments/20110516/5956eae9/attachment.pgp>

More information about the pkg-dhcp-devel mailing list