Web app and httpd (apache2) reconfig questions
Greetings.
I am making a package for Koha (http://koha-community.org/), which I
will eventually hopefully be able to upload to Debian. For now, it will
remain a third-party package.
However, I would like to make the package to be as high quality as
possible. So I have some questions.
Koha wants (for now) to add a custom vhost, and installs an Apache
config file in /etc/koha/koha-httpd.conf, and symlinks that
to /etc/apache2/sites-available. What is the best way to get that
enabled?
* Install a symlink into sites-enabled, in the package?
* Call a2ensite in the postinst?
* Should this be enabled/disabled via a debconf question?
Koha needs the Apache rewrite module. How do I enable that?
If I make the package do the above Apache configuration changes, how do
I reload or restart Apache?
At the moment I don't enable things, but I include a README.Debian that
documents the necessary steps the sysadmin needs to take to enable
things.
Koha uses a database, and stores some sensitive information there. For
example, usernames and passwords of its users, and their reading habits.
It would be bad to leak that information to outsiders. Currently, Koha
runs as www-data, which means that its config file is available to all
other web apps, and that in turn means that they have access to the
database. What is best practice here?
Should I change Koha to run under a dedicated user and group? Should I
just document the situation and tell the user to not install any other
web apps if they care about the sensitive data?
Reply to: