Hi Fabian,

On Thu, Jun 11, 2009 at 10:25:35PM +0300, Fabian Fagerholm wrote:
> Actually, the sentence does start conditionally. The "must install" part
> only applies if these two conditions are met:
> 1. The user intends to use the package on a server, and
> 2. the user intends to provide SASL authentication on that server.

Well, that's simply not true. The modules packages also provide the
*client* implementations of a number of these methods, without which
clients that use the cyrus sasl lib can't negotiate these methods with
existing servers.

> So those -modules* packages are not needed for, say, a regular desktop
> machine.

I have a desktop machine for which I require several of them. And
regardless, the utility of SASL is significantly reduced if it only
supports the default mechanisms built into libsasl2-2. This is not
relevant only on the server.

> I think we can safely assume that a significant portion of both
> Debian and Ubuntu users don't meet those two conditions. They only have
> libsasl2-2 installed because it happens to be a Priority: important
> package and it's installed automatically. They are probably not even
> aware of it.

No, they have it installed because there are *applications* as part of
the default install that depend on libsasl2-2. The priority of libraries
is that of the highest package which depends on them.

> Why is libsasl2-2 of important priority? Could we downgrade its
> priority?

No, and the current priority is not a bug.

> libsasl2-2 recommends libsasl2-modules, so the latter is now installed
> automatically. This provides a complete and working setup,
> using /etc/sasldb2 as the backend for storing authentication
> information. The package relationship also allows the user to remove the
> -modules package, which can be useful in some situations: embedded or
> otherwise constrained systems, or because the user simply has no need to
> perform SASL authentication and merely has to have the library installed
> to be able to run some other program.

Really, I would expect users on embedded systems who care about the size
of libsasl2-modules to recompile the applications to omit SASL support
entirely.
But given that libsasl2-2 includes at least one built-in method that's
usable without installing the -modules packages, I concede that
Recommends: is the correct relationship and will amend the Ubuntu package
accordingly. As I said, this was promoted to Depends: back before
Recommends were installed by default, so it's probably not needed anymore
at all.

> Going further, libsasl2-modules is required by all the other -modules-*
> packages. It is needed for them to work, because otherwise there are no
> authentication mechanisms to use. There is a difference in function
> between the modules in libsasl2-modules and the modules in the other
> -modules-* packages. The other -modules-* packages provide ways to store
> authentication tokens in something else than /etc/sasldb2, whereas
> libsasl2-modules provides different authentication schemes (listed in
> the package description).

The GSSAPI method is available when the modules packages implementing it
aren't installed? That's not really consistent with my experience... I
suspect that the libsasl2-modules-gssapi-* packages should not depend on
libsasl2-modules at all.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slanga...@ubuntu.com                                     vor...@debian.org