Re: FHS and /var/www
On Mon, Jul 21, 2008 at 01:14:05AM +0100, Stephen Gran wrote:
> This one time, at band camp, Steve Langasek said:
> > On Sun, Jul 20, 2008 at 06:58:09PM +0100, Stephen Gran wrote:
> > > > So you "vote" for an exemption from FSH in this case, as per
> > > > 9.1.1?
> > > http://www.debian.org/doc/packaging-manuals/fhs/fhs-2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM
> > > "Therefore, no program should rely on a specific subdirectory
> > > structure of /srv existing or data necessarily being stored in /srv.
> > I think it's perfectly in keeping with other parts of policy to ship
> > our webservers with /srv/www as the default webroot, and leave it up
> > to the administrator to symlink web applications into that root to
> > enable them (or change the web root, or use aliases, etc). In
> > particular, Policy 11.5.4 says that web applications should avoid
> > storing files in the web document root if possible.
> So you think it's a good idea to ignore the the sentence above?
No, I don't think that using it as a default webroot is "rely[ing] on a
specific subdirectory structure of /srv existing or data necessarily being
stored in /srv", because the web server can be reconfigured to look
> I agree that it's a bad idea for applications to store things under the
> webroot in general, but that's a seperate issue altogether to changing
> what the default webroot points to. If we could keep the seperate issues
> seperate for the moment, I think it would be helpful.
If your objection to using /srv/www as the default web root isn't about
applications storing files there, then why do you object to it? Is it
because it would be "wildly inappropriate" on your systems?
> a) applications installing random files under web root - bad
> b) Changing httpds to ship a web root that either doesn't exist or would
> be wildly inappropriate on every system I admin - also bad.
Does "wildly inappropriate" mean that shipping such a default would
incorrectly expose data to the network that wasn't meant to be exposed?
> Doing the change you recommend also has the downside of guaranteeing
> that no web application that has to ship files under the web root can
> work out of the box. Admittedly these applications are probably silly,
> but not currently buggy.
Well, I consider that an upside rather than a downside; I don't think
there's any excuse for a package enabling a web app by default, and would be
happy to see such packages declared buggy - which I agree could be handled
separately from /srv/www.
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/