From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier <boklm@mageia.org>
Date: Sun, 14 Apr 2013 13:46:12 +0000
Subject: Add zarb MLs html archives

---
 zarb-ml/mageia-dev/20110119/002227.html | 119 ++++++++++++++++++++++++++++++++
 1 file changed, 119 insertions(+)
 create mode 100644 zarb-ml/mageia-dev/20110119/002227.html

(limited to 'zarb-ml/mageia-dev/20110119/002227.html')

diff --git a/zarb-ml/mageia-dev/20110119/002227.html b/zarb-ml/mageia-dev/20110119/002227.html
new file mode 100644
index 000000000..738474f30
--- /dev/null
+++ b/zarb-ml/mageia-dev/20110119/002227.html
@@ -0,0 +1,119 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [Mageia-dev] Proofreading web applications policy
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Proofreading%20web%20applications%20policy&In-Reply-To=%3C20110118233857.GD20740%40sisay.ephaone.org%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   <LINK REL="Previous"  HREF="002226.html">
+   <LINK REL="Next"  HREF="002228.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[Mageia-dev] Proofreading web applications policy</H1>
+    <B>Michael scherer</B> 
+    <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Proofreading%20web%20applications%20policy&In-Reply-To=%3C20110118233857.GD20740%40sisay.ephaone.org%3E"
+       TITLE="[Mageia-dev] Proofreading web applications policy">misc at zarb.org
+       </A><BR>
+    <I>Wed Jan 19 00:38:57 CET 2011</I>
+    <P><UL>
+        <LI>Previous message: <A HREF="002226.html">[Mageia-dev] mailing list for new RPMs
+</A></li>
+        <LI>Next message: <A HREF="002228.html">[Mageia-dev] Python Packaging Policy
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#2227">[ date ]</a>
+              <a href="thread.html#2227">[ thread ]</a>
+              <a href="subject.html#2227">[ subject ]</a>
+              <a href="author.html#2227">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>On Tue, Jan 18, 2011 at 07:07:00PM +0100, Remy CLOUARD wrote:
+&gt;<i> Hello there,
+</I>&gt;<i> 
+</I>&gt;<i> I started to have a look at the webapps policy.
+</I>&gt;<i> 
+</I>&gt;<i> There&#8217;s something that has been bugging me for a while, that&#8217;s the
+</I>&gt;<i> apache-centric way of thinking of this policy.
+</I>&gt;<i> 
+</I>&gt;<i> To me, there are valuable alternatives to apache that deserve to be
+</I>&gt;<i> treated equally.
+</I>&gt;<i> Here are the packages that provides webserver
+</I>&gt;<i> 
+</I>&gt;<i> apache-ssl|apache-mpm-event|apache-mpm-peruser|nginx|lighttpd|
+</I>&gt;<i> cherokee|apache-mpm-itk|apache-mpm-worker|thttpd|apache-mpm-rsbac|
+</I>&gt;<i> apache-mpm-prefork|boa
+</I>&gt;<i> 
+</I>&gt;<i> &#8220;These are the files that are susceptible to change during the
+</I>&gt;<i> application's lifetime. They go in /var/lib/foo. If they are supposed to
+</I>&gt;<i> be editable by the application directly from the web interface, they
+</I>&gt;<i> should be owned by apache user and apache group.&#8221;
+</I>&gt;<i> 
+</I>&gt;<i> Could we create a generic group (webserver for instance) to allow
+</I>&gt;<i> webapps to play nice with these webserver ?
+</I>
+Wouldn't it be a security problem to have different
+daemon sharing the same uid ?
+
+&gt;<i> Same goes for logfiles and config files containing sensitive
+</I>&gt;<i> informations.
+</I>&gt;<i> 
+</I>&gt;<i> I would also be in favor of creating subpackages for webapps that
+</I>&gt;<i> provides better integration with apache such as files in
+</I>&gt;<i> /etc/httpd/conf/webapps.d/.
+</I>
+That would make life difficult for user, as they would have to answer questions
+about things that the package manager would have to figure by 
+itself.
+
+( like deduce what configuration file would be used based on system information )
+
+I think we should aim to reduce questions rather to ask more.
+ 
+&gt;<i> That way, webapps should have a Requires on webserver, and the
+</I>&gt;<i> subpackage should have one on apache.
+</I>&gt;<i> 
+</I>&gt;<i> Another issue is the owner of /var/www. This directory is owned by
+</I>&gt;<i> apache-conf. Could we instead make a generic package called
+</I>&gt;<i> webserver-data for instance that would provide it ? This way each
+</I>&gt;<i> package providing webserver would have to require webserver-data.
+</I>
+Put it in filesystem rpm then. And technically, shouldn't
+we follow lsb and use /srv ? 
+
+&gt;<i> Finally, that may be a little cosmetic detail, but I would prefer
+</I>&gt;<i> template files for apache to be in a separate file in SOURCES/ that&#8217;s
+</I>&gt;<i> included instead of creating it in the spec like:
+</I>&gt;<i> cat &gt; %{buildroot}%{_webappconfdir}/%{name}.conf &lt;&lt;EOF
+</I>
+Well, why ?
+Inline  configfile can use macros, that's usually a way to be sure
+that /var/ww/%{name} is properly set 
+-- 
+Michaeli Scherer
+</PRE>
+
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	<LI>Previous message: <A HREF="002226.html">[Mageia-dev] mailing list for new RPMs
+</A></li>
+	<LI>Next message: <A HREF="002228.html">[Mageia-dev] Python Packaging Policy
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#2227">[ date ]</a>
+              <a href="thread.html#2227">[ thread ]</a>
+              <a href="subject.html#2227">[ subject ]</a>
+              <a href="author.html#2227">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
+mailing list</a><br>
+</body></html>
-- 
cgit v1.2.1