Re: [arch-dev-public] [arch-commits] Commit in htdig/trunk (PKGBUILD)
On Saturday, 25 April 2009 16:29:03, Giovanni Scafora wrote:
ln -s /srv/http/cgi-bin/htsearch ${pkgdir}/usr/bin || return 1
I think it should be the other way round. Imho no package should install anything into /srv. What do you guys think about this?
-- Pierre Schmitz Clemens-August-Straße 76 53115 Bonn Telefon 0228 9716608 Mobil 0160 95269831 Jabber pierre@jabber.archlinux.de WWW http://www.archlinux.de
2009/4/25, Pierre Schmitz <pierre@archlinux.de>:
I think it should be the other way round. Imho no package should install anything into /srv.
What do you guys think about this?
I think that is right. Moreover, there are documentation files in /srv/http/htdocs/
-- Arch Linux Developer (voidnull) AUR & Pacman Italian Translations Microdia Developer http://www.archlinux.it
Pierre Schmitz wrote:
On Saturday, 25 April 2009 16:29:03, Giovanni Scafora wrote:
ln -s /srv/http/cgi-bin/htsearch ${pkgdir}/usr/bin || return 1
I think it should be the other way round. Imho no package should install anything into /srv.
What do you guys think about this?
FHS says:
/srv contains site-specific data which is served by this system.
This main purpose of specifying this is so that users may find the location of the data files for particular service, and so that services which require a single tree for readonly data, writable data and scripts (such as cgi scripts) can be reasonably placed. Data that is only of interest to a specific user should go in that users' home directory. ...
So a cgi script seems fine... I would tend to agree that /srv should be installed into by a package. But I don't deal with the type of package which may want to use /srv so my opinion should be down-weighted accordingly.
Allan
On Sat, Apr 25, 2009 at 10:31 AM, Allan McRae <allan@archlinux.org> wrote:
Pierre Schmitz wrote:
On Saturday, 25 April 2009 16:29:03, Giovanni Scafora wrote:
ln -s /srv/http/cgi-bin/htsearch ${pkgdir}/usr/bin || return 1
I think it should be the other way round. Imho no package should install anything into /srv.
What do you guys think about this?
FHS says:
/srv contains site-specific data which is served by this system.
This main purpose of specifying this is so that users may find the location of the data files for particular service, and so that services which require a single tree for readonly data, writable data and scripts (such as cgi scripts) can be reasonably placed. Data that is only of interest to a specific user should go in that users' home directory. ...
So a cgi script seems fine... I would tend to agree that /srv should be installed into by a package. But I don't deal with the type of package which may want to use /srv so my opinion should be down-weighted accordingly.
Installing into /srv/ is no different than installing into /home/, IMO. It might be worse as it presents a relatively big security risk for those that do run public facing services, and suddenly a new script has been made available for web site users to run.
-Dan
Installing into /srv/ is no different than installing into /home/, IMO. It might be worse as it presents a relatively big security risk for those that do run public facing services, and suddenly a new script has been made available for web site users to run.
If you think so, I could change this line
ln -s /srv/http/cgi-bin/htsearch ${pkgdir}/usr/bin || return 1
to
mv ${pkgdir}/srv/http/cgi-bin/{htsearch,qtest} ${pkgdir}/usr/bin || return 1
Anyway, I watched htdig-3.2.0_beta6-r3.ebuild from Gentoo to make this package and gentoo dev install that file in /var/www/localhost/cgi-bin
-- Andrea `BaSh` Scarpino Arch Linux Developer
2009/4/25, Dan McGee <dpmcgee@gmail.com>:
Installing into /srv/ is no different than installing into /home/, IMO. It might be worse as it presents a relatively big security risk for those that do run public facing services, and suddenly a new script has been made available for web site users to run.
Then, as you said, we should remove that symbolic link and the file /srv/http/cgi-bin/qtest installed by default?
-- Arch Linux Developer (voidnull) AUR & Pacman Italian Translations Microdia Developer http://www.archlinux.it
On Sat, Apr 25, 2009 at 10:45 AM, Giovanni Scafora <linuxmania@gmail.com> wrote:
2009/4/25, Dan McGee <dpmcgee@gmail.com>:
Installing into /srv/ is no different than installing into /home/, IMO. It might be worse as it presents a relatively big security risk for those that do run public facing services, and suddenly a new script has been made available for web site users to run.
Then, as you said, we should remove that symbolic link and the file /srv/http/cgi-bin/qtest installed by default?
I would just say/think that files in /srv/ should be managed by the system admin and not pacman - anything they want in there should be linked by the sysadmin from /usr/bin/ or elsewhere, rather than the other way around.
-Dan
On 25/04/2009, Dan McGee <dpmcgee@gmail.com> wrote:
I would just say/think that files in /srv/ should be managed by the system admin and not pacman - anything they want in there should be linked by the sysadmin from /usr/bin/ or elsewhere, rather than the other way around.
You are right. So voidnull is fixing this soon, because I'm not in my home.
-- Andrea `BaSh` Scarpino Arch Linux Developer
2009/4/25, Andrea Scarpino <andrea@archlinux.org>:
You are right. So voidnull is fixing this soon, because I'm not in my home.
Fixed.
-- Arch Linux Developer (voidnull) AUR & Pacman Italian Translations Microdia Developer http://www.archlinux.it
On Saturday, 25 April 2009 17:36:19, Dan McGee wrote:
Installing into /srv/ is no different than installing into /home/, IMO. It might be worse as it presents a relatively big security risk for those that do run public facing services, and suddenly a new script has been made available for web site users to run.
If we agree to this we should add such a rule to namcap.
-- Pierre Schmitz Clemens-August-Straße 76 53115 Bonn Telefon 0228 9716608 Mobil 0160 95269831 Jabber pierre@jabber.archlinux.de WWW http://www.archlinux.de
Pierre Schmitz wrote:
On Saturday, 25 April 2009 16:29:03, Giovanni Scafora wrote:
ln -s /srv/http/cgi-bin/htsearch ${pkgdir}/usr/bin || return 1
I think it should be the other way round. Imho no package should install anything into /srv.
What do you guys think about this?
There should be a good rule about it. IMO, /srv/http is only for apache anyway (other servers use /srv/lighttpd or so, right?). Also phpmyadmin installs into /srv/http. IMO, it should rather install into /usr/share and then provide config files for apache, lighttpd and other common servers that configure the right Directory and Alias directives. Similar things could also be done for all the many other similar packages.
On Saturday, 25 April 2009 19:36:12, Thomas Bächler wrote:
IMO, /srv/http is only for apache anyway (other servers use /srv/lighttpd or so, right?).
No, /srv/http is the home of the http user; so lighttpd uses this dir by default, too.
Also phpmyadmin installs into /srv/http. IMO, it should rather install into /usr/share and then provide config files for apache, lighttpd and other common servers that configure the right Directory and Alias directives. Similar things could also be done for all the many other similar packages.
That was my intention.
-- Pierre Schmitz Clemens-August-Straße 76 53115 Bonn Telefon 0228 9716608 Mobil 0160 95269831 Jabber pierre@jabber.archlinux.de WWW http://www.archlinux.de
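The namcap rule suggested in the thread, sketched as an added example that is not part of the original messages and is not namcap's own code or API: a standalone Python check over a package tarball that flags files installed under /srv or /home and symlinks that point into them. The function names, severity labels and sample package contents are assumptions constructed for illustration.

```python
import io
import posixpath
import tarfile

ADMIN_OWNED = ("srv", "home")  # trees the thread says belong to the admin

def _under_admin_dir(path):
    """True if a normalized, root-relative path lies inside /srv or /home."""
    parts = posixpath.normpath("/" + path).lstrip("/").split("/")
    return parts[0] in ADMIN_OWNED and len(parts) > 1

def check_package(tar):
    """Return sorted (severity, path, reason) findings for a package tarball."""
    findings = []
    for m in tar.getmembers():
        if m.isdir():
            continue
        if _under_admin_dir(m.name):
            # An executable in a served tree is reachable by site visitors on install.
            if m.isfile() and m.mode & 0o111:
                findings.append(("error", m.name, "executable installed into served tree"))
            else:
                findings.append(("warning", m.name, "file installed into admin-owned tree"))
        elif m.issym():
            # Resolve relative targets against the link's own directory.
            target = posixpath.join("/" + posixpath.dirname(m.name), m.linkname)
            if _under_admin_dir(target):
                findings.append(("warning", m.name, "symlink points into admin-owned tree"))
    return sorted(findings)

def build_sample_package():
    """Constructed sample mirroring the layout discussed in the thread."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, mode in (("srv/http/cgi-bin/htsearch", 0o755),
                           ("srv/http/htdocs/htdig/index.html", 0o644),
                           ("usr/bin/htdig", 0o755)):
            info = tarfile.TarInfo(name)
            info.mode = mode
            tar.addfile(info, io.BytesIO(b""))
        link = tarfile.TarInfo("usr/bin/htsearch")
        link.type = tarfile.SYMTYPE
        link.linkname = "/srv/http/cgi-bin/htsearch"
        tar.addfile(link)
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")

if __name__ == "__main__":
    print(*check_package(build_sample_package()), sep="\n")
```

Run against the constructed sample, the CGI binary is reported as an error and the documentation file and the /usr/bin symlink as warnings, while usr/bin/htdig passes.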
participants (6)
- Allan McRae
- Andrea Scarpino
- Dan McGee
- Giovanni Scafora
- Pierre Schmitz
- Thomas Bächler