Bug#553576: Policy should not encourage violation of the FHS

Sun, 01 Nov 2009 01:27:38 -0700 

Package: debian-policy
Version: 3.8.3.0
Severity: important

Hi,

        Debian packages should not install files under /var/www. This
 is not one of the /var directories in the File Hierarchy Standard and
 is under the control of the local administrator. Packages should not
 assume that it is the document root for a web server; it is very
 common for users to change the default document root and packages
 should not assume that users will keep any particular setting.

        Packages that want to make files available via an installed
 web server should instead put instructions for the local
 administrator in a README.Debian file and ideally include
 configuration fragments for common web servers such as Apache.

        As an exception, packages are permitted to create the /var/www 
 directory due to its past history as the default document root, but
 should at most copy over a default file in postinst for a new install.

        Refer to Filesystem Hierarchy Standard (The /var Hierarchy)
 for details.

        But then, we turn around in section 11.5.4, and say:
,----
|  Web Applications should try to avoid storing files in the Web
|  Document Root. Instead they should use the /usr/share/doc/package
|  directory for documents and register the Web Application via the
|  doc-base package.
`----

        So far, so good.

,----
|  If access to the web document root is unavoidable then use /var/www
|  as the Document Root.
`----

        Whoa. What makes for the situation to be unvoidable? Why
 should this ever be needed? What if the (optinal) /var/www is not the
 document root, and is not a symlink to the document root?

        I think we should rethink the "unavoidable" circumstances.

        manoj

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'oldstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.4-anzu-2 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

debian-policy depends on no packages.

debian-policy recommends no packages.

Versions of packages debian-policy suggests:
ii  doc-base                      0.9.5      utilities to manage online documen

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-policy-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to