[ntp:questions] Distribution security

David L. Mills mills at udel.edu
Tue Dec 4 12:54:35 UTC 2007


Harlan,

What planet are you coming from? You know I violently disagree with you 
on the options thing and it has absolutely nothing to do with the html 
documentation. The options thing is overkill, an unnecessary 
complication and not really helpful in view of the available 
documentation. I would very much rather see the low-key help hints as in 
typical Unix commands.

Even so, as I told you, there can be serious disconnect between the 
options thing and the actual documentation, as evidence in the 
ntp-keygen program for example. I told you the coding style was 
intricate, unnecessarily complex and I would not deal with it.

Yes, I require that man pages not be in the base distribution; however, 
there is a html2man utility in the distribution that can produce a man 
page ripoff of the html pages, although with loss of content. Then, why 
is the sntp man page still in the distribution and what is worse, why is 
that man page installed by default? You did that over my objections and 
I consider that extremely rude.

Dave

Harlan Stenn wrote:

>>>>In article <fj22v1$ee9$1 at scrotar.nss.udel.edu>, "David L. Mills" <mills at udel.edu> writes:
> 
> 
> David> In fact, all snapshots, releases, bugzilla, repositories, NTP home
> David> page and NTP project site physically reside at U Delaware. Only the
> David> documents maintained by the NTP Support Project are physically
> David> resident elsewhere at ISC. The intent is that, if you get something
> David> from U Delaware or ISC, it is authentic, official and neither
> David> modified nor infested with trojan horses.
> 
> I'll add that I generate md5 signatures at UDel when a tarball is rolled,
> and we are working on a way to pgp/gpg/crypto sign these tarballs as well.
> 
> David> Folks should understand ...
> David> ... The documentation included in a particular distribution
> David> applies only to that distribution and may be different in minor ways
> David> from another distribution.
> 
> David> ... Understand
> David> that the up-to-minute revision is on the web at www.ntp.org, so they
> David> may differ in small part from whatever distribution is in use.
> 
> And one of the items on the Support Project's TODO list is to have
> web-searchable online documentation for a number of different versions of
> NTP, so folks can find the information they want more easily.
> 
> David> That was easy, now the hard part...
> 
> David> Now the ugly part. It's hard enough to deal with clones of old html
> David> pages, but some folks insist on man pages that are not in the
> David> official documentation that leaves U Delaware. The reasons for this
> David> are many, including the loss of web typography, diagrams and
> David> content. However, some folks use tools to convert html format to man
> David> format, even if that loses content. I have no quarrel with that as
> David> long as it is not claimed to be official and a disclaimer is added to
> David> that effect.
> 
> Not so fast, Dave.  While this *may* be true for some folks, I know of two
> exceptions.
> 
> The first is the FreeBSD stuff, where they took your html/ pages and
> converted them in to man pages, because the documentation in FreeBSD is
> man-page based.
> 
> The second is the official distribution.  While your html/ pages are still
> your definitive pages, I have, after discussion and agreement with you,
> begun the process of converting from our old way of parsing command-line
> options and flags to AutoOpts.
> 
> This has bought us at least 2 big overall improvements.
> 
> First, our options processing is now much easier.
> 
> Second, the AutoOpts tools can spit out documentation that is based (in
> part) on the actual command-line processing specification.
> 
> On our agreed-upon agenda, this will be the new way we handle program
> documentation, because it will allow people to install the documentation in
> a variety of formats that are useful to them.  This will include html, man,
> info, and some other formats.
> 
> You have said you do not want the man pages installed at UDel, and I have
> not yet had the time to code that in to the Makefiles (I'm a busy guy and
> there have been bigger fish to fry).
> 
> David> To see how far the practice goes, I googled for "ntp-keygen man" and
> David> got 623 hits(!). A casual check suggests that most of them are for
> David> reformated html pages, some really old, some incomplete and some
> David> modified with errors. Users of systems like Linux that may
> David> extensively clone and convert pages from older releases may not apply
> David> to later releases and especially snapshots.
> 
> Yes, but the good news is that anybody who tries to do this should quickly
> realize that the version of the documentation they are looking at most
> likely does not match the version they are running.
> 
> H




More information about the questions mailing list