[Bug 478605] Review Request: arpcheck - Ethernet Layer 2 checking tool

bugzilla at redhat.com bugzilla at redhat.com
Sat Jan 3 16:35:53 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=478605





--- Comment #1 from Christoph Wickert <fedora at christoph-wickert.de>  2009-01-03 11:35:52 EDT ---
The scrip itself is nice, but having the config inside the script itself is
really bad. In the current state this should not be packaged as rpm.

How about moving the the basic config to lets say /etc/arpcheck.conf,
/etc/archeck/arpreck.conf or /etc/sysconfig/arpcheck and modify the script a
little?


############# CONFIGURATION
####################################################
### ONLY CHANGE IN /etc/sysconfig/arpcheck !!!

if [ ! -f /etc/sysconfig/arpcheck ]; then
    echo "Configuration file /etc/sysconfig/arpckeck not found."
    echo "Please copy /usr/share/doc/arpcheck-1.8-1/arpcheck.conf.default"
    echo "to /etc/sysconfig/arpckeck and edit it for your needs."
    exit 1
fi

. /etc/sysconfig/arpcheck

### End of basic config


Issues:
- Default config is not sane: Defaults for dMACLIST, BLACKLIST and WHITELIST
are not same. If the script is executed with root privileges somewhere is
accidentially creates files that are left behind because they are not owned by
the package
- Log path requires root privileges
- No documentation except in the script itself. Include a README with some of
the info from the header of the script

Ideas: 
- Allow per user config ~/.arpcheck.conf
- Include a template for the configuration instead of providing the config file
automatically to make sure the user edits the file before usage. Something like

if [ ! -f /etc/sysconfig/arpcheck ]; then
    echo "Please copy /usr/share/doc/arpcheck-1.8-1/arpcheck.conf.default"
    echo "to /etc/sysconfig/arpckeck and edit it for your needs."
    exit 1
fi

- Include a README.FFEDORA for distro specific changes
- Install to /usr/sbin if this is only meant to be run as root

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the Fedora-package-review mailing list