Hi Manoj, On Sat, 31 Oct 2009 14:10:33 -0500, Manoj Srivastava <[email protected]> wrote: > Package: dspam-webfrontend > Version: 3.6.8-9.3 > Severity: serious > User: [email protected] > Usertags: dir-or-file-in-var-www > > Debian packages should not install files under /var/www. This is not > one of the /var directories in the File Hierarchy Standard and is > under the control of the local administrator. Packages should not > assume that it is the document root for a web server; it is very > common for users to change the default document root and packages > should not assume that users will keep any particular setting. > > Packages that want to make files available via an installed web server > should instead put instructions for the local administrator in a > README.Debian file and ideally include configuration fragments for > common web servers such as Apache. > > As an exception, packages are permitted to create the /var/www > directory due to its past history as the default document root, but > should at most copy over a default file in postinst for a new install. > > Refer to Filesystem Hierarchy Standard (The /var Hierarchy) for > details. > > One solution that works is to put configuration files into > /etc/<package_name>, put static content, if any, into > /usr/{share,lib}/<package_name>, then create /var/lib/<package name> > as home for the package, and symlink the files from /etc and /usr/ > into the /var/lib/<package_name>. Then create a simple set of > configuration snippets for popular web servers (for example, files one > may link into /etc/apache2/conf.d) and put them into > /etc/<package_name>. This way user modifiable files stil live in /etc, > and a simple operation can make the package go live. > > Filed as serious, since this is a violation of the FHS (which is part > of policy), and also since a package with these files will currently > get this package rejected. See > http://lists.debian.org/debian-devel-announce/2009/10/msg00004.html > for details. This means the package has been deemed too buggy to be in > Debian.
As dspam-webfrontend relies on apache2-suexec, which sets the document root to /var/www/, I fear there is nothing we can do about this for now. Furthermore, as per http://www.debian.org/doc/debian-policy/ch-customized-programs.html#s-web-appl: "If access to the web document root is unavoidable then use /var/www as the Document Root." I would hence think using /var/www for dspam-webfrontend is correct, what do you think of it? Cheers, Julien -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
