Reworking the Apache package (with patches)
-----BEGIN PGP SIGNED MESSAGE-----
as I was promising quite a while ago, I'm hereby starting to help the
Apache source package by not only blabbering but also showing hard facts.
I spent a substantial amount of time and I am still not totally
convinced about the shape and state of the Apache source package.
However, it does not make too much sense to spend any more time with it
unless I have consensus my patches are actually helpful and desired. Yet
it still needs a lot of good ideas to come over the evil install magic,
but I consider things better now than before.
I realize I made some controversial changes you don't necessarily need
to agree with. I personally consider the "new" package slightly cleaner
and better, but your mileage may vary. I won't spend any more time until
we got that sorted out. That is, it is review time for you now.
That makes even more sense as I needed to merge Stefan's changes already
for the -3 upload, so every change you might do would cause further
diversions. Hence, I am referencing patches. A full patch
apache-package-full-changes.diff  contains all changes since 2.2.21-3
I made. The git format patches might not necessarily be helpful for you
to apply (they are based on my private git-svn branch), but they are
much easier readable in order to understand what I did .
Furthermore I uploaded both, full source and binary packages on  you
could inspect. Note, the full patch does not include the (new) binaries
due to technical limitations.
Just in case: I didn't attach them to the mail, because lists.d.o
rejected this mail before because of the message size being to large.
This is a list of major changes:
* I changes the source package type from 1.0 to 3.0. Thus, I dropped the
dpatch dependency. While doing so I refreshed all patches and sorted out
the dpatch "patches-which-are-actually-scripts" thingies. The branding
patch was removed by me. Instead I'm doing the branding in the rules
file. The suexec stuff happens in a rules target now, similar to the itk
* I dropped build hardening flags, they are injected by dpkg-buildflags
* Since the 3.0 source format supports binaries, the uuencoded images
are now shipped (and copied) as is in the Debian package. This also
solves #649888 partially
* I reworked the rules file entirely. It is now using the short dh(1)
syntax and (a lot of) overrides. Much magic still happens in custom
targets which are filed as dependencies to some targets. Knowing the
older rules you will recognize many fragments of it. Some parts have
also been moved to package.debhelper.files where possible. I also
removed most DEB_BUILD_OPTIONS processing as dh mostly takes care.
I didn't find any regressions and the new rules file seems to produce
the very same binary package, but you still might want to double-check
* I cleaned up the convert_docs Perl script. It does not rely on any
Makefile magic anymore and creates the expected output by passing it a
single untouched directory. Also it does not use any shell calls anymore.
* I fixed #590096 by adding a run-parts hook as suggested. A quick
survey discloses: nginx did so as well, at Lighttpd we rejected that
patch (though I wasn't involved in that decision). I won't mind if you
prefer to reject that patch. Then I would close the bug with wontfix.
* I fixed #440058 by changing the DefaultType. That change seems feasible.
* I made some cosmetic changes. For example I removed redundant
priorities in debian/control and removed Lintian overrides not needed
Note I didn't commit anything to the VCS (I couldn't either - I am not
member of the packaging team on Alioth yet. According to Stefan's
policy, he said he won't do so until I made a few contributions) nor did
I add myself to Uploaders. That makes the patch formally a NMU but I
didn't version it that way.
Moreover, I took a look at several bugs. I'll do as indicated unless
#557612 During package upgrade, apache2 is stopped, but not started
* dh_installinit already has --no-restart-on-upgrade (I made that
more clear) this avoids the problem entirely
* fixed already, thus close
#589638 apache2: Generally useful options currently set in
sites-available/default should be moved to included file
* undecided, probably wontfix?
#426426 SetEnv PERL5LIB ... cleaned by suEXEC
* wontfix (aka: This is by design)
#391290 please ship sample rewrite.conf w/ examples
* better alternatives exist
#341022 default apache2.conf file should deny access to /
* Lenny was a while ago, do that now, possibly file bugs on reverse
with kind regards,
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----