[oi-dev] Barman packaging

Nikola M. minikola at gmail.com
Thu Nov 7 08:03:41 UTC 2013 

On 11/ 7/13 08:39 AM, Alexander Pyhalov wrote:
>
> The most interesting part is that barman has to run rsync with 
> postgres euid on remote site (to access DB files ) and with barman 
> euid on local (to access backup files). I think that converting 
> postgres from role to user is more straightforward than trying to 
> create necessary RBAC policy.

I think that local implementations and needs should not dictate what 
will be changed in OS distribution itself.
If people don't know how to use RBAC they should learn it (me included)
if programs needed to run on OI don't support platform, they shoud be 
patched to work right.

I don't understand why I should loose PostgreSQL role on all systems I 
would probably install in the future, because someone personally had a 
problem with one program not made for the platform.
And what it has to do with that particular implementation of external 
program
and what rsync have to do with Solaris roles.

It could be written on wiki how to do that, it could be written on 
package description, it could be written on the program manual how to 
make it work
but the OS should not be slave of the application and kill existing 
functionality that people rely upon, just to be able to run one 
additional program without patching it for the platform.

Large installations usually have their own mirrors and changes that for 
some reason some local admin thinks theya re needed for them, and not 
for the rest of the world,
can land on their internal mirror.

Besides, we have 'zfs send' and using rsync for that is sort of stupid 
to me.
Why that app should not be patched to use zfs snapshots?

You could think this way: everything could be on roles in the future, 
like it is in Solaris11.
They killed root account completely. And we still have root account, and 
that is maybe good thing,
but that does not mean we should start killing roles because we find it 
interesting at the moment to run some additional app.
Let's think our way and not turn everything in Linux.

So I think it is not such good idea to kill one large-known 
functionality, just to satisfy random App without patching it.
Are we actually suffering for not having established review and 
discussion process before implementing changes?

More information about the oi-dev mailing list