nagios plugins depend on samba
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nagios-plugins (Ubuntu) |
Expired
|
Low
|
Unassigned |
Bug Description
Binary package hint: nagios-plugins
I have an internet server. I like to keep as little as possible installed. A package as "SAMBA' I simply do NOT want installed on my server. It has no place there.
Now to get nagios to check my disk-free-status, I installed "nagios-plugins". This depends on "samba-common" and samba-common-bin. It stopped short of starting the samba server.
So, to monitor samba stuff, I imagine that having the samba tools installed is required. But for my use this is not neccesary at all. This sort of "attitude" causes software bloat. We/ubuntu should be careful in what dependencies to mark as required.
Either split the nagios-plugins package into a nagios-
And YES it is a security issue to have unneccesary software installed on an internet server.
On Thursday 03 March 2011 10:49:54 you wrote:
> *** This bug is a security vulnerability ***
*lol* I can't see a vulnerability by installing samba packages, but anyhow.
> Public security bug reported:
>
> Binary package hint: nagios-plugins
>
> I have an internet server. I like to keep as little as possible
> installed. A package as "SAMBA' I simply do NOT want installed on my
> server. It has no place there.
>
> Now to get nagios to check my disk-free-status, I installed "nagios-
> plugins". This depends on "samba-common" and samba-common-bin. It
> stopped short of starting the samba server.
What about installing just "nagios- plugin- basic"? "nagios-plugins" is also plugins- standard" which have (at least) on Ubuntu
depending[1] on "nagios-
couple of depencies[2], also on "smbclient".
> So, to monitor samba stuff, I imagine that having the samba tools plugins- samba, or
> installed is required. But for my use this is not neccesary at all. This
> sort of "attitude" causes software bloat. We/ubuntu should be careful in
> what dependencies to mark as required.
>
> Either split the nagios-plugins package into a nagios-
> remove the dependency. In the latter case, you can make things "neat" by
> editing the script that requires samba to print a nice: "you need to
> install samba" if it isn't found.
In debian we have moved a bunch of dependencies to recommands with 1.4.14-2,
which gives you the possibilty to get rid of those packages by deinstalling
them or avoiding automatically installing recommanded packages. Anyhow ... the
ubuntu package has this changes reverted for an unknown reason.
Just my 2 cents, Jan. packages. ubuntu. com/natty/ nagios- plugins packages. ubuntu. com/natty/ nagios- plugins- standard
[1] http://
[2] http://
--
Never write mail to <email address hidden>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GIT d-- s+: a C+++ UL++++ P+ L+++ E--- W+++ N+++ o++ K++ w--- O M V- PS PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y++++
------END GEEK CODE BLOCK------