should file ncrack-services go to /etc?

Toshio Kuratomi a.badger at gmail.com
Tue Sep 22 17:42:20 UTC 2009


On 09/22/2009 02:43 AM, Martin Gieseking wrote:
> Am 21.09.2009 23:24, Till Maas wrote:
>> On Mon, Sep 21, 2009 at 04:58:32PM -0400, Casey Dahlin wrote:
>>> On 09/21/2009 04:04 PM, Till Maas wrote:
>>>> On Mon, Sep 21, 2009 at 08:47:24PM +0200, Martin Gieseking wrote:
>>>>
>>>>> during the review of ncrack 
>>>>> (https://bugzilla.redhat.com/show_bug.cgi?id=523199) I noticed that
>>>>> the  file ncrack-services is placed in /usr/share/ncrack by
>>>>> default. Since it  is a kind of configuration file that contains
>>>>> mappings between port  numbers and protocol names (similar to
>>>>> /etc/services), I'm not sure  whether the location
>>>>> /usr/share/ncrack is OK or whether it's required to  move it to
>>>>> /etc. Here's its content:
>>>> Imho it does not need to be moved to /etc, because it should only be
>>>> edited by experienced users and then the user can specify a the edited
>>>> file at the commandline.
>>>>
>>> Neither of which are factors considered by the FHS.
>>
>> Since the file is not meant to be edited, it is not a host-specific
>> config file, but a package version specific config file, which is
>> managed by upstream and not by the user. So from the users point of
>> view, it's more a data file than a config file.
> 
> Casey and Till,
> 
> thanks for your comments. If I interpret them correctly, there's no
> Fedora policy that demands moving the file to /etc even if /etc could
> also be a proper location. Then we can finish the review of ncrack. :)
> 
This is an Incorrect summary.  Fedora has a policy of following the FHS.
 If the files are config, then they go in /etc.  Till is making
incorrect statements when he uses this reasoning:

"""
Imho it does not need to be moved to /etc, because it should only be
edited by experienced users and then the user can specify a the edited
file at the commandline.
"""

The level of experience of the user is irrelevant.  If the user edits
the file to configure the program, then it goes into /etc.

In his next message, though, he says this:
"""
Since the file is not meant to be edited, it is not a host-specific
config file
"""

and concludes that the file is a data file.  This is a more correct
stating of the Guidelines.

> 
>> Btw. as far as I understand the program, if the config file is changed,
>> then an addional module, which is written in C++, that covers the new
>> service needs to be added, too.
> 
> Not necessarily. There might be scenarios where you want to change the
> default ports for several services, maybe because the ssh daemons in
> your local network are configured to listen on port 12345. In this case
> the admin possibly would like to adapt the default settings of ncrack.
> 

This means that the file must go in /etc.

-Toshio

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090922/eff423fc/attachment.sig>


More information about the fedora-devel-list mailing list