Hi Marc! On Thu, Mar 27, 2025 at 06:01:55PM +0100, Marc Haber wrote:
> We have been shipping sudo_logsrvd by accident as we were not aware of > that program existing. I would like to apologize for that. No need to apologize, I can see your arguments. Actually, it's me whih should do so, as I volunteered a long time ago to take care of that, and then disappeared. Sorry for that. I got covered in work after some layoffs while still keeping project :/ I see that you already clarified on the sudo list, that openssl can be disabled at configure. So my proposal would be: * Add --disable-openssl to the "normal" sudo binary package * Question: Should we also disable logsrv support in the package, given that it you transfer logs securely? * Add openssl as builddepends. That will enable openssl support in the sudo-ldap pacakge. If possible / desidred before Trixie (so more or less right now): * Split of logsrvd into a seperate binary package. If not possible before Trixie: * Would a low priortiy debconf question to sudo-ldap whether logsrvd should be enabled be a good idea? Considerationts post trixie we could: Rename sudo-ldap to "sudo-full" and the normal sudo to sudo-minimal and a transition package sudo pointing to sudo-minimal? Best regards, Alexander