Can anyone explain the following:
yast2-firewall is needed by (installed) yast2-http-server-2.9.20-5
yast2-firewall is needed by (installed) yast2-ntp-client-2.9.10-14
when trying to uninstall yast2-firewall.
I -don't- need a firewall to run on this machine, I have a firewall on
another machine. Talk about STUPID dependencies. But if I DON'T install
the firewall packages I can't run the ntp client nor the http-server
client.
I don't understand the need for a firewall to be installed to run an ntp
client or the http-server config program in yast.
Utter stupidity as far as I am concerned.
--
Ken Schneider
UNIX since 1989, linux since 1994, SuSE since 1998
* Only reply to the list please*
"The day Microsoft makes something that doesn't suck is probably
the day they start making vacuum cleaners." -Ernst Jan Plugge
Ken Schneider
Ken Schneider wrote:
Can anyone explain the following:
yast2-firewall is needed by (installed) yast2-http-server-2.9.20-5 yast2-firewall is needed by (installed) yast2-ntp-client-2.9.10-14
when trying to uninstall yast2-firewall.
These YAST modules interface to the firewall module to open up the correct ports in the firewall for their respective needs, thus the dependency.
I -don't- need a firewall to run on this machine, I have a firewall on another machine. Talk about STUPID dependencies. Not really. But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
I believe you could run them, just not configure them through their Yast modules.
I don't understand the need for a firewall to be installed to run an ntp client or the http-server config program in yast.
Yast is only for configuration, not for running. HTH. -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Registered Linux user 231871
On Sat, 2005-03-05 at 18:47, Joe Morris (NTM) wrote: Thanks for the reply.
Ken Schneider wrote:
Can anyone explain the following:
yast2-firewall is needed by (installed) yast2-http-server-2.9.20-5 yast2-firewall is needed by (installed) yast2-ntp-client-2.9.10-14
when trying to uninstall yast2-firewall.
These YAST modules interface to the firewall module to open up the correct ports in the firewall for their respective needs, thus the dependency.
Whoopee! A simple note on the left panel of the config screen can't do that!
I -don't- need a firewall to run on this machine, I have a firewall on another machine. Talk about STUPID dependencies. Not really.
Yes really. Forced to install a package because it wants to open a port in a firewall that isn't needed IS stupid when all you want is the ability to use the config program to config the program. YES STUPID!
But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
I believe you could run them, just not configure them through their Yast modules.
No! they will not run without the firewall stuff installed.
I don't understand the need for a firewall to be installed to run an ntp client or the http-server config program in yast.
Meant client config program not the daemon.
Yast is only for configuration, not for running. HTH. -- Joe Morris
-- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 * Only reply to the list please* "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
On Saturday 05 Mar 2005 23:47 pm, Joe Morris (NTM) wrote:
Ken Schneider wrote:
<SNIP>
Talk about STUPID dependencies.
Not really.
Maybe not STUPID, but stupidly annoying sometimes. It would be really nice if a dependency could be flagged as *essential* or *optional*. For example, in a network with no Windows boxes, it narks me a bit to have samba installed because some networking package supports it, but would otherwise function completely without it.
But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
I believe you could run them, just not configure them through their Yast modules.
You CAN run both without the firewall, or the yast firewall module installed, but yast will complain about dependencies every time you run the install/remove module. Dylan -- "I see your Schwartz is as big as mine" -Dark Helmet
On Sun, 2005-03-06 at 16:14, Dylan wrote:
On Saturday 05 Mar 2005 23:47 pm, Joe Morris (NTM) wrote:
Ken Schneider wrote:
<SNIP>
Talk about STUPID dependencies.
Not really.
Maybe not STUPID, but stupidly annoying sometimes. It would be really nice if a dependency could be flagged as *essential* or *optional*. For example, in a network with no Windows boxes, it narks me a bit to have samba installed because some networking package supports it, but would otherwise function completely without it.
Agree here, stupidly annoying is a better term.
But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
I believe you could run them, just not configure them through their Yast modules.
You CAN run both without the firewall, or the yast firewall module installed, but yast will complain about dependencies every time you run the install/remove module.
Dylan
Actually the ntp-client module will not run, I get the following error: pc5:/var/lib/ntp # yast2 ntp-client Import 'SuSEFirewall' failed Import 'SuSEFirewall' failed No such client module ntp-client Run 'yast2 -h' for help on usage and yes the package -is- installed even though it says it isn't. -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 * Only reply to the list please* "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
Talk about STUPID dependencies.
Not really.
Maybe not STUPID, but stupidly annoying sometimes. It would be really nice if a dependency could be flagged as *essential* or *optional*. If you check the Advanced button on the Yast NTP Client module, you will see the capability to configure the firewall (not at all uncommon in
Dylan wrote: that situation). That would make the Yast Firewall Module a dependency. It would also be logical that that would have a dependency on SuSEfirewall2. NOTE: The dependencies are logical, as far as having them available since they are a part of the NTP Client configuration features. There is no compulsion to run a firewall if you so desire not to.
For example, in a network with no Windows boxes, it narks me a bit to have samba installed because some networking package supports it, but would otherwise function completely without it.
With the size of hard drives these days, you are only losing a little bit of space to have them installed. Installed does not mean you have to use them.
But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
I believe you could run them, just not configure them through their Yast modules.
You CAN run both without the firewall, or the yast firewall module installed, but yast will complain about dependencies every time you run the install/remove module.
And rightly so, as explained above. But having them installed doesn't mean you have to use them. To not have the dependency would mean to lose that config feature in the module. SuSE obviously thought it was best to have the feature to also configure the firewall for those who do use one, which I think was a good choice. If you did run a firewall, it would be a nice to also open those ports on the firewall so your http server could be reached, or so your ntp client could sync. You could always hand edit those configs and not install the Yast modules or the firewall, but that would take away the ease of the Yast config. So that is the choice. -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Registered Linux user 231871
Dylan
Maybe not STUPID, but stupidly annoying sometimes. It would be really nice if a dependency could be flagged as *essential* or *optional*.
Try to convince the rpm developers. It would be useless if SUSE created its own version of rpm. Yes, rpm does have a number of drawbacks (like the inability to keep track of package renames) which we'll have to live with as long as its the standard packaging method. Philipp
The Monday 2005-03-07 at 03:41 +0100, Philipp Thomas wrote:
Dylan
[Sun, 6 Mar 2005 21:14:14 +0000]: Maybe not STUPID, but stupidly annoying sometimes. It would be really nice if a dependency could be flagged as *essential* or *optional*.
Try to convince the rpm developers. It would be useless if SUSE created its own version of rpm.
Yes, rpm does have a number of drawbacks (like the inability to keep track of package renames) which we'll have to live with as long as its the standard packaging method.
True. Would it be possible for Yast to handle those things, like package renames across suse updates? It would be nice :-) -- Cheers, Carlos Robinson
The Saturday 2005-03-05 at 17:50 -0500, Ken Schneider wrote:
Can anyone explain the following:
yast2-firewall is needed by (installed) yast2-http-server-2.9.20-5 yast2-firewall is needed by (installed) yast2-ntp-client-2.9.10-14
when trying to uninstall yast2-firewall.
I -don't- need a firewall to run on this machine, I have a firewall on another machine. Talk about STUPID dependencies. But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
Don't confuse yast2-firewall package with the SuSEfirewall2 package. The first is a yast module for configurating the firewall, the second is the firewall itself - or the scripts.
I don't understand the need for a firewall to be installed to run an ntp client or the http-server config program in yast.
I would install a firewall on every single computer inside the safest of the intranets. -- Cheers, Carlos Robinson
Can anyone explain the following:
yast2-firewall is needed by (installed) yast2-http-server-
2.9.20-5
yast2-firewall is needed by (installed) yast2-ntp-client- 2.9.10-14
when trying to uninstall yast2-firewall.
I -don't- need a firewall to run on this machine, I have a firewall on another machine. Talk about STUPID dependencies. But if I DON'T install the firewall packages I can't run the ntp client nor the http-server client.
I don't understand the need for a firewall to be installed to run an ntp client or the http-server config program in yast.
Utter stupidity as far as I am concerned.
-- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
Ken: I agree. I also experienced that SuSE has plenty of - at least according to my opinion - unnecessary dependencies. This makes an update very difficult in some cases. A package should be dependent on another only if the dependency absolutely necessary for working the package well. It seems in SUSE it is not always the case. IG
On Sun, 06 Mar 2005 15:02:59 +0100 (CET), Gabor Istvan
SuSE has ... unnecessary dependencies.
And more with every new release it seems. I use grep and sed in a shell script to strip the source rpm spec files down to essential dependencies, then compile from source. It takes time, but I like everything compiled from source (and i686 optimized), plus I can mix updated packages from 9.2 with my 9.0 system / 2.4 kernel. My login prompt even says Welcome to SuSE 9.x Anyone know what version of gcc will be in suse 9.3? gcc 3.3.x is unreliable with -O3, but gcc 3.4.x seems to produce correct output at -O3, for what I have tested so far.
John Kelly wrote:
gcc 3.3.x is unreliable with -O3, but gcc 3.4.x seems to produce correct output at -O3, for what I have tested so far. After reading an article on Anandtech's website, I changed my default to use -O3 on 9.2 (gcc 3.3.4), and it has worked fine for me (and I haven't heard of any problems from those that have used the rpms from my apt repository). What problems do you mean? -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Registered Linux user 231871
On Sun, 06 Mar 2005 14:42:40 -0600, Joe Morris NTM
John Kelly wrote: gcc 3.3.x is unreliable with -O3
What problems do you mean?
When my gcc was built with march=athlon -O3, openssl failed one of its tests; so I reverted to march=i686 -O2 for all builds, including gcc. Maybe march=i686 is safe with -O3, but I don't have time to test that combination, so I don't know ...
John Kelly wrote:
On Sun, 06 Mar 2005 14:42:40 -0600, Joe Morris NTM
wrote: John Kelly wrote: gcc 3.3.x is unreliable with -O3
What problems do you mean?
When my gcc was built with march=athlon -O3, openssl failed one of its tests; so I reverted to march=i686 -O2 for all builds, including gcc.
Maybe march=i686 is safe with -O3, but I don't have time to test that combination, so I don't know ... Maybe that is it. I am using an amd64 processor, and use march=k8. Perhaps it is a buglet in the athlon optimizations. Thanks for the info. I guess I'll leave it as I have it til I know there is a problem. -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Registered Linux user 231871
On Sunday 06 March 2005 21:02, Dylan wrote:
On Sunday 06 Mar 2005 19:54 pm, John Kelly wrote: <SNIP>
My login prompt even says Welcome to SuSE 9.x
How do you go about changin that?
/etc/issue for text mode logins KDE's KDM configuration or gnome's GDM configuration for graphical logins
Would you mind sharing the script you use? I have been thinking about recompiling the src rpms to get a faster system for a while, but it has been a lot of a hassle. Alle 20:54, domenica 06 marzo 2005, John Kelly ha scritto:
On Sun, 06 Mar 2005 15:02:59 +0100 (CET), Gabor Istvan
wrote: SuSE has ... unnecessary dependencies.
And more with every new release it seems. I use grep and sed in a shell script to strip the source rpm spec files down to essential dependencies, then compile from source. It takes time, but I like everything compiled from source (and i686 optimized), plus I can mix updated packages from 9.2 with my 9.0 system / 2.4 kernel.
My login prompt even says Welcome to SuSE 9.x
Anyone know what version of gcc will be in suse 9.3? gcc 3.3.x is unreliable with -O3, but gcc 3.4.x seems to produce correct output at -O3, for what I have tested so far.
On Mon, 07 Mar 2005 09:12:48 +0100, Luca Botti
John Kelly ha scritto:
I use grep and sed in a shell script to strip the source rpm spec files down to essential dependencies
Would you mind sharing the script you use?
Here is my script called "breq" which you can customize to your own needs. It prints a new BuildRequires: line to stdout, which you can capture and use to replace the one in the spec file. It requires first copying the *.spec file to *.spec.orig, which is a good idea anyway. I also add to the new spec file lines like: Source971: {somepackage}.spec.orig Source972: {somepackage}.spec.patch and move the .spec.orig and .spec.patch files to SOURCES for capture when building a new source RPM, because later, I may forget what changes I made; sometimes I add additional source code patches, etc.
#!/bin/sh grep -m 1 '^BuildRequires:' /usr/src/packages/SPECS/*.spec.orig | sed -r \ -e 's/[[:space:]]+acl([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+attr([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+cvs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+devs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+doxygen([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+filesystem([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gcc-g77([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gcc-java([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gcc-objc([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gnat-runtime([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gnat([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gpm([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+graphviz([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+less([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libgcj-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libgcj([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libobjc([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libselinux-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libselinux([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libzio([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+module-init-tools([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+netcfg([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+openldap2-client([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+openslp-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+openslp([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+permissions([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+postfix([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+procinfo([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+psmisc([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+pwdutils([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+rcs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+strace([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+syslogd([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+unzip([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+update-desktop-files([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+vim([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11-libs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11([[:space:]]+|$)/ /' \ | xargs -n 1 | sort | tr '\n' ' ' | sed -e 's/ $//'; echo
Enjoy! -- A: Maybe because some people are too annoyed by top-posting. Q: Why do I not get an answer to my question(s)? A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
thanks John Alle 17:53, lunedì 07 marzo 2005, John Kelly ha scritto:
On Mon, 07 Mar 2005 09:12:48 +0100, Luca Botti
wrote:
John Kelly ha scritto:
I use grep and sed in a shell script to strip the source rpm spec files down to essential dependencies
Would you mind sharing the script you use?
Here is my script called "breq" which you can customize to your own needs. It prints a new BuildRequires: line to stdout, which you can capture and use to replace the one in the spec file.
It requires first copying the *.spec file to *.spec.orig, which is a good idea anyway.
I also add to the new spec file lines like:
Source971: {somepackage}.spec.orig Source972: {somepackage}.spec.patch
and move the .spec.orig and .spec.patch files to SOURCES for capture when building a new source RPM, because later, I may forget what changes I made; sometimes I add additional source code patches, etc.
#!/bin/sh grep -m 1 '^BuildRequires:' /usr/src/packages/SPECS/*.spec.orig | sed -r \ -e 's/[[:space:]]+acl([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+attr([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+cvs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+devs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+doxygen([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+filesystem([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gcc-g77([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gcc-java([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gcc-objc([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gnat-runtime([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gnat([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+gpm([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+graphviz([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+less([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libgcj-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libgcj([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libobjc([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libselinux-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libselinux([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+libzio([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+module-init-tools([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+netcfg([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+openldap2-client([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+openslp-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+openslp([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+permissions([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+postfix([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+procinfo([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+psmisc([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+pwdutils([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+rcs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+strace([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+syslogd([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+unzip([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+update-desktop-files([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+vim([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11-libs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11([[:space:]]+|$)/ /' \
| xargs -n 1 | sort | tr '\n' ' ' | sed -e 's/ $//'; echo
Enjoy!
-- A: Maybe because some people are too annoyed by top-posting. Q: Why do I not get an answer to my question(s)? A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
On Mon, 07 Mar 2005 18:43:06 +0100, Luca Botti
thanks John
Here is my script called "breq"
It was just a quick hack to meet my needs. With some work it should be possible to factor out the duplicated sed gook, so that you can just list the rpm names without all the sed gook on either side of the name. That would be a good exercise for the reader. Someone please post their results! -- A: Maybe because some people are too annoyed by top-posting. Q: Why do I not get an answer to my question(s)? A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
John Kelly
-e 's/[[:space:]]+update-desktop-files([[:space:]]+|$)/ /' \
Only get rid of this if the package does not install a .desktop file, i.e. the spec has no call to the rpm macro to update such a file.
-e 's/[[:space:]]+xorg-x11-devel([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11-libs([[:space:]]+|$)/ /' \ -e 's/[[:space:]]+xorg-x11([[:space:]]+|$)/ /'
I'd *never* remove these from any X11 program. There are systems that have no X11 installed. You'll *need* the dependency there. Also remember that SUSE builds packages in a chroot environment (a little bit like it's done when you call the 'build' script that's part of the distribution) as it's the only safe way to guarantee that only packages from a given distribution are used for building a package. Philipp
On Tue, 08 Mar 2005 01:04:13 +0100, Philipp Thomas
SUSE builds packages in a chroot environment (a little bit like it's done when you call the 'build' script that's part of the distribution)
I read of "build" in the paper manual, but I don't think I have "build" in my minimal install. What RPM is it in? -- A: Maybe because some people are too annoyed by top-posting. Q: Why do I not get an answer to my question(s)? A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
participants (9)
-
Anders Johansson
-
Carlos E. R.
-
Dylan
-
Gabor Istvan
-
Joe Morris (NTM)
-
John Kelly
-
Ken Schneider
-
Luca Botti
-
Philipp Thomas