
Re: [RFR] templates://publicfile-installer/{templates}



Christian PERRIER wrote:
> Rationale:
> --- publicfile-installer.old/debian/templates	2015-07-29 08:21:48.490182705 +0200
> +++ publicfile-installer/debian/templates	2015-07-29 13:44:58.140605903 +0200
> @@ -1,13 +1,16 @@
>  Template: publicfile-installer/build
>  Type: boolean
>  Default: false
> -_Description: Do you want to get and build publicfile now?
> - Choose wether publicfile should be downloaded and build now.
> +_Description: Download and build publicfile now?
> 
> Matter of taste, but I usually tend to avoid "do you want <foo>"

Me too.
 
> + Please choose wether publicfile should be downloaded and built now.
> + .
> 
> We often use "Please <foo>" so let's be consistent among packages?

You caught the wrong past tense, but a typo has snuck past you there.
"Whether" is a question word, "wether" is a castrated ram.
 
>   If you choose not to do this now, you can perform the actions manually later,
> - by running the 'get-publicfile' command (as a normal user, not root) and
> + by running the "get-publicfile" command (as an unprivileged user, not
> + as root) and
>   following the instructions.
> 
> The debian-l10n-english housestyle uses double quotes rather than
> simple quotes.... We also tend to suggest using
> privileged/unprivileged instead of "normal".

Because normal people can be sysadmins too, in theory.

>   .
> - If you choose to get and build now, both these actions will be performed
> - as root.  For security-aware sites, this might be not appropriate.
> - Once the software has been build, run the 'install-publicfile' command
> + If you choose to download and build publicfile now, both these actions will be performed
> + as root. For security-aware sites, this might be not appropriate.
> + .
> + Once the software has been built, run the "install-publicfile" command
>   (as root) to install the package.
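
Review bot: In the added paragraph about building as root, "this might be not appropriate" has its words in the wrong order; "this might not be appropriate" reads correctly. The added line beginning "If you choose to download and build publicfile now" also runs well past 80 columns and should be rewrapped like the rest of the template.
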
> 
> Be consistent with other changes.
> 

It might simplify the explanation if we reshuffled it slightly:

   _Description: Download and build publicfile now?
    Please choose whether publicfile should be downloaded and built now.
    .
    Alternatively you can do it manually later by running the command
    "get-publicfile" and following the instructions. This has the
    advantage that it can be run as an unprivileged user, avoiding the
    security risks of performing the build as root.
    .
    Once the software has been built, run the command "install-publicfile"
    (as root) to install the package.

But why does it need a special script to install a package?  (Goes and
looks...)  Yipe!  It just checks I'm root and then runs

  dpkg -i /tmp/publicfile-installer/publicfile*_*.deb

Does the build really leave its output in a predictable location in a
world-writable directory?  (Checks)  Yes, so if my evil kid brother
has created a /tmp/publicfile-installer/publicfile_0.52-0_amd64.deb,
the build-script will happily dump its .deb alongside it.  Then when I
run "sudo install-publicfile" it'll install the bogus package first,
executing its install-scripts as root.

This hardly seems appropriate for a package where the main selling
point is that it's secure.  At the very least build-publicfile should
use a *verbose* cp so that it tells me where it has put the output
.deb!  And if it's so hard to remember "sudo dpkg -i foo.deb", it
could finish with a reminder!

In the control file:

> --- publicfile-installer.old/debian/control	2015-07-29 08:21:48.490182705 +0200
> +++ publicfile-installer/debian/control	2015-08-08 08:29:31.921329907 +0200
>  Depends: wget, debhelper, fakeroot, ${misc:Depends}

And not build-essential?

> +Description: installer package for the publicfile HTTP and FTP server
> + Publicfile is an HTTP and FTP server, written by Daniel J. Bernstein in
> + 1999; it didn't change a lot after that. Modern features are not
> + supported. However, if you're looking for a small, simple and secure
>   webserver, which integrates with the runit and daemontools UNIX service
>   managers, publicfile will suit your needs.
>   .
>   This installer package downloads the publicfile .tar.gz file from
>   the upstream website, combines it with Debian packaging information
>   from the package maintainer's website; then builds a publicfile Debian
>   package, and installs that.  When installing this installer package,
>   one is given the option to postpone downloading and installing
>   publicfile.
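
Review bot: The last paragraph of the description says the installer "builds a publicfile Debian package, and installs that", but the templates text in the same patch tells the administrator to run "install-publicfile" (as root) as a separate step once the build has finished. One of the two should change so that the package description and the debconf prompt describe the same procedure.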

There are a few other trivial issues, but I wouldn't have bothered
except that there's quite a lot missing - such as the point of the
exercise.  Why does publicfile need an installer?  Why isn't it an
ordinary package in main like DJB's qmail?  Okay, maybe the reader
might vaguely remember that DJB is virulently opposed to sane software
licenses, but then didn't he change his mind and declare all his
software public domain?  The answer turns out to be: not *quite* all.

Also, it's not clear whether this download-and-build is a one-off
(after which the installer becomes redundant) or whether it'll
automatically check for updates (like the systemd integration that
it'll surely be getting some day real soon now).

My attempt to fill in some of the gaps:

   Description: installer package for the publicfile HTTP and FTP server
    Publicfile is an HTTP and FTP server, written by Daniel J. Bernstein in
    1999; it hasn't changed much since. Modern features are not supported.
    However, if you're looking for a small, simple, and secure webserver,
    which integrates with the runit and daemontools UNIX service managers,
    publicfile will suit your needs.
    .
    While most of Bernstein's software is now public domain, publicfile
    still lacks a license that would make it distributable in Debian.
    This package provides a mechanism for downloading the publicfile
    sourcecode from the upstream website, combining it with packaging
    information from the package maintainer's website, then building and
    installing a publicfile Debian package. The mechanism may be run
    during the installation of this package or postponed and run manually.

-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package
diff -ru publicfile-installer-0.10.pristine/debian/control publicfile-installer-0.10/debian/control
--- publicfile-installer-0.10.pristine/debian/control	2015-02-05 17:03:23.000000000 +0000
+++ publicfile-installer-0.10/debian/control	2015-08-08 21:07:55.010867631 +0100
@@ -10,16 +10,17 @@
 Package: publicfile-installer
 Architecture: all
 Depends: wget, debhelper, fakeroot, ${misc:Depends}
-Description: installer package for the publicfile http and ftp server
- Publicfile is a http and ftp server, written by Daniel J. Bernstein in
- 1999; it didn't change a lot after that.  Modern features are not
- supported.  However, if you're looking for a small, simple and secure
- webserver, which integrates with the runit and daemontools UNIX service
- managers, publicfile will suit your needs.
+Description: installer package for the publicfile HTTP and FTP server
+ Publicfile is an HTTP and FTP server, written by Daniel J. Bernstein in
+ 1999; it hasn't changed much since. Modern features are not supported.
+ However, if you're looking for a small, simple, and secure webserver,
+ which integrates with the runit and daemontools UNIX service managers,
+ publicfile will suit your needs.
  .
- This installer package downloads the publicfile .tar.gz file from
- the upstream website, combines it with Debian packaging information
- from the package maintainer's website; then builds a publicfile Debian
- package, and installs that.  When installing this installer package,
- one is given the option to postpone downloading and installing
- publicfile.
+ While most of Bernstein's software is now public domain, publicfile
+ still lacks a license that would make it distributable in Debian.
+ This package provides a mechanism for downloading the publicfile
+ sourcecode from the upstream website, combining it with packaging
+ information from the package maintainer's website, then building and
+ installing a publicfile Debian package. The mechanism may be run
+ during the installation of this package or postponed and run manually.
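
Review bot: The unchanged Depends line lists only wget, debhelper, fakeroot and ${misc:Depends}, while the new description promises "building and installing a publicfile Debian package"; if that build compiles publicfile, the toolchain it needs should be declared in Depends as well. As a style point, "sourcecode" is normally written as two words.
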
diff -ru publicfile-installer-0.10.pristine/debian/templates publicfile-installer-0.10/debian/templates
--- publicfile-installer-0.10.pristine/debian/templates	2015-01-28 19:34:15.000000000 +0000
+++ publicfile-installer-0.10/debian/templates	2015-08-08 21:05:50.998304679 +0100
@@ -1,13 +1,13 @@
 Template: publicfile-installer/build
 Type: boolean
 Default: false
-_Description: Do you want to get and build publicfile now?
- Choose wether publicfile should be downloaded and build now.
- If you choose not to do this now, you can perform the actions manually later,
- by running the 'get-publicfile' command (as a normal user, not root) and
- following the instructions.
+_Description: Download and build publicfile now?
+ Please choose whether publicfile should be downloaded and built now.
  .
- If you choose to get and build now, both these actions will be performed
- as root.  For security-aware sites, this might be not appropriate.
- Once the software has been build, run the 'install-publicfile' command
+ Alternatively you can do it manually later by running the command
+ "get-publicfile" and following the instructions. This has the
+ advantage that it can be run as an unprivileged user, avoiding the
+ security risks of performing the build as root.
+ .
+ Once the software has been built, run the command "install-publicfile"
  (as root) to install the package.
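
Review bot: The rewritten long description no longer states outright that answering yes performs the download and build as root; the removed lines did ("both these actions will be performed as root"), and the new text only implies it through "avoiding the security risks of performing the build as root". For a security-relevant prompt I would keep one explicit sentence saying what runs as root when the answer is yes. The removed "(as a normal user, not root)" also told the reader not to run get-publicfile as root, which "can be run as an unprivileged user" weakens to an option.
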
Template: publicfile-installer/build
Type: boolean
Default: false
_Description: Download and build publicfile now?
 Please choose whether publicfile should be downloaded and built now.
 .
 Alternatively you can do it manually later by running the command
 "get-publicfile" and following the instructions. This has the
 advantage that it can be run as an unprivileged user, avoiding the
 security risks of performing the build as root.
 .
 Once the software has been built, run the command "install-publicfile"
 (as root) to install the package.
Source: publicfile-installer
Section: contrib/net
Priority: extra
Maintainer: Joost van Baal-Ilić <joostvb@debian.org>
Build-Depends: debhelper (>= 9), po-debconf
Standards-Version: 3.9.6
Vcs-Git: git://anonscm.debian.org/collab-maint/publicfile-installer.git
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/publicfile-installer.git

Package: publicfile-installer
Architecture: all
Depends: wget, debhelper, fakeroot, ${misc:Depends}
Description: installer package for the publicfile HTTP and FTP server
 Publicfile is an HTTP and FTP server, written by Daniel J. Bernstein in
 1999; it hasn't changed much since. Modern features are not supported.
 However, if you're looking for a small, simple, and secure webserver,
 which integrates with the runit and daemontools UNIX service managers,
 publicfile will suit your needs.
 .
 While most of Bernstein's software is now public domain, publicfile
 still lacks a license that would make it distributable in Debian.
 This package provides a mechanism for downloading the publicfile
 sourcecode from the upstream website, combining it with packaging
 information from the package maintainer's website, then building and
 installing a publicfile Debian package. The mechanism may be run
 during the installation of this package or postponed and run manually.
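
The hand-off criticised in the message above (a glob under a fixed, world-writable /tmp path passed to "dpkg -i" as root) can be hardened along the following lines. This is an added sketch, not code from publicfile-installer: the function names make_staging and check_staging are hypothetical, and it assumes GNU mktemp and stat.

```shell
#!/bin/sh
# Added example; make_staging and check_staging are hypothetical names.
# Assumes GNU coreutils (mktemp, stat -c), as on a Debian system.

# Build side: create an unpredictable, mode-0700 directory and report it,
# instead of writing into a fixed name under world-writable /tmp.
make_staging() {
    mktemp -d "${TMPDIR:-/tmp}/publicfile-build.XXXXXX"
}

# Install side: check_staging DIR UID prints the one trusted .deb in DIR,
# or returns 1 with the reason on stderr.
check_staging() {
    dir=$1 want_uid=$2
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "refusing: $dir is not a real directory" >&2; return 1
    fi
    if [ "$(stat -c %u "$dir")" != "$want_uid" ]; then
        echo "refusing: $dir is not owned by uid $want_uid" >&2; return 1
    fi
    # Octal mode: a group or other digit of 2, 3, 6 or 7 has the write bit.
    case $(stat -c %a "$dir") in
        *[2367]|*[2367]?)
            echo "refusing: $dir is group- or world-writable" >&2; return 1 ;;
    esac
    count=0 found=
    for f in "$dir"/publicfile*_*.deb; do
        # An unmatched glob stays literal; skip it (but keep dangling links).
        [ -e "$f" ] || [ -L "$f" ] || continue
        if [ -L "$f" ] || [ ! -f "$f" ] ||
           [ "$(stat -c %u "$f")" != "$want_uid" ]; then
            echo "refusing: $f is not a regular file of uid $want_uid" >&2
            return 1
        fi
        count=$((count + 1)) found=$f
    done
    if [ "$count" -ne 1 ]; then
        echo "refusing: expected one .deb in $dir, found $count" >&2; return 1
    fi
    printf '%s\n' "$found"
}

# Usage in a root-run installer (builder_uid is the account that built it):
#   deb=$(check_staging "$dir" "$builder_uid") && dpkg -i "$deb"
```

Because the directory is owned by the builder and writable by nobody else, no other local user can add or replace a file between the check and the dpkg call.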
