[Bug 188359] Review Request: bugzilla - bug tracking tool

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: bugzilla - bug tracking tool


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188359





------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-14 10:42 EST -------
Note that I no longer have the attachment mentioned in the previous comment, so
I cannot upload it again.

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-10 00:58 EST -------
(In reply to comment #24)
> Finally, this needs to live under /usr/share, not /var/www, which is a simple
> edit of the first line plus the httpd.conf file.

  Will SELinux actually allow Apache to execute CGIs that live in /usr/share?
Particularly ones that need to write to directories?


------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-10 01:22 EST -------
I suggest you peruse the gallery2 review, which deals with this issue:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=181599

My understanding is that selinux will allow apache to run things out of
/usr/share as long as the appropriate selinux boolean is set.  And if it didn't,
we'd need to work with the selinux folks to get the necessary bits in.  It's
simply not permissible for us to put things in /var/www.

Now, what does bugzilla need to write?  I thought it was entirely database
driven.  Obviously it can't write to /usr/share, so we have to use another
location.  The gallery2 package uses a directory under /srv for this, but it
does take selinux bits.  The bug for that is
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183140

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-10 01:37 EST -------
It has to write to the data/ directory and various subdirectories under that.
The data directory is created by checksetup.pl. You can change where Bugzilla
expects the data directory to be by editing the $datadir variable in
Bugzilla/Config.pm.

Why can't we put something in /var/www? It's where we normally put Bugzilla.

Also note that Bugzilla requires *either* DBD::Pg or DBD::mysql, but it doesn't
need both. I'm not sure how to handle that in RPM. The automatic deps will
probably pick up both.

------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-10 11:37 EST -------
(In reply to comment #28)
> Why can't we put something in /var/www? It's where we normally put Bugzilla.

The naive answer is because the packaging guidelines indicate that it's not the
proper place; see the end of http://fedoraproject.org/wiki/Packaging/Guidelines.
  The point is that once this is in Extras it's essentially a system component,
and the system shouldn't install important pieces of itself into /var.

> Also note that Bugzilla requires *either* DBD::Pg or DBD::mysql, but it doesn't
> need both. I'm not sure how to handle that in RPM. The automatic deps will
> probably pick up both.

RPM has no way to indicate this kind of either-or requirement; it's probably
simpler to just install both unless we can somehow make two subpackages,
bugzilla-postgres and bugzilla-mysql that provide bugzilla-db and pull in the
necessary Perl modules for each specific database.  I doubt it's worth it.

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-10 19:00 EST -------
(In reply to comment #29)
> RPM has no way to indicate this kind of either-or requirement; it's probably
> simpler to just install both unless we can somehow make two subpackages,
> bugzilla-postgres and bugzilla-mysql that provide bugzilla-db and pull in the
> necessary Perl modules for each specific database.  I doubt it's worth it.

  Okay. The problem is that those perl modules also pull in the databases
themselves. So installing Bugzilla will now always install both postgresql and
mysql.

------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-10 19:18 EST -------
Surely it only pulls in the client libraries?  I can see no evidence that it
will actually pull in the database servers; that would be nuts.

Admittedly the mysql client libraries are a bit large (5MB) but that could be
seen as a packaging bug since it contains the client command line interface as
well.  (perl-DBD-MySQL just wants libmysqlclient.)  The Postgres client libs are
only 500K.

In any case, I'm not sure it would be acceptable to filter the perl-DBD
dependencies and require that the end user know that they need to install one or
the other.  I guess it depends on whether or not then can be warned at setup
time; if that's possible then it would be reasonable to do so.  This isn't
exactly and install-and-go package so I think it's acceptable to have them go
back and pull in another package.

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-10 19:22 EST -------
(In reply to comment #31)
> This isn't
> exactly and install-and-go package so I think it's acceptable to have them go
> back and pull in another package.

  If they only pull in the client libraries, it's okay to have both of the perl
modules be installed.

  It's true that running ./checksetup.pl will tell the user that they need to
install the correct module, but it will give them CPAN instructions, and I think
we'd prefer that they use RPMs.

------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-10 20:44 EST -------
We shouldn't fear patching things like checksetup to give the appropriate
instructions, but in this case I think just requiring both is going to be our
best bet.

So what's left?  We need to pick a location for the data directory;
/srv/bugzilla makes the most sense to me.  I need to get with the selinux gurus
to see what's required there.

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-10 23:34 EST -------
I would think that /var/bugzilla would make more sense, since that seems to fit
the purpose of /var, yes?

------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-10 23:48 EST -------
Well, that's a reasonable question.  To address /var/bugzilla specifically, FHS
forbids it:

Applications must generally not add directories to the top level of /var. Such
directories should only be added if they have some system-wide implication, and
in consultation with the FHS mailing list.

If it had to be in /var, /var/lib/bugzilla would be better.  Here's what FHS has
to say about /var and /srv:

/var contains variable data files. This includes spool directories and files,
administrative and logging data, and transient and temporary files.

/srv contains site-specific data which is served by this system.

Seems to me like /srv is more appropriate.  And in any case I'm just following
gallery2's lead, which was packaged by the same person (John Berninger).  I
assume he'll chime in with why he chose that location and what he'd like to do
about this package.

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-11 00:01 EST -------
Okay. Very little of the data in data/ is technically "served" to the user--just
certain graphics generated by graphviz.

So /var/lib/bugzilla makes sense to me, but it's up to you guys in the end.

------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-11 00:18 EST -------
Ah, I had the impression that it held data such as uploaded attachments.  If
it's just transient data, why doesn't it just put it in /tmp?

------- Additional Comments From mkanat@xxxxxxxxxxxx  2006-06-11 00:29 EST -------
It's definitely not transient data. Bugzilla's per-server operating parameters
are stored there, but they're written by a CGI. It also stores pre-compiled
templates.

It does store a few attachments, but most attachments are stored in the database
(depending on user settings).

Basically, it stores any file that the web server needs to write to or anything
that Bugzilla generates dynamically.

------- Additional Comments From nkadel@xxxxxxxxxxx  2006-06-11 00:34 EST -------
If I may suggest, please don't stuff bugzilla in /srv: very few programs 
actually use it or /opt these days, and /var is an old and well-recognized 
place for data that gets a lot of disk access, and where the files experience 
churn and thus need frequent backup.

/var/lib/bugzilla makes a certain amount of sense if /var/bugzilla is not 
easily negotiated for.

------- Additional Comments From paul@xxxxxxxxxxxx  2006-06-12 07:52 EST -------
My vote would be for the app to go in /usr/share and the data to be in
/var/lib/bugzilla (via a symlink if necessary). The only SELinux fiddling that
should be necessary would I think to be to have /var/lib/bugzilla(/.*)? as
httpd_var_lib_t.

------- Additional Comments From tibbs@xxxxxxxxxxx  2006-06-12 12:40 EST -------
Now that I finally understand what bugzilla needs to write, I agree that
/var/lib/bugzilla is indeed the proper place.


-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

_______________________________________________
Fedora-package-review mailing list
Fedora-package-review@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]