Re: common, FHS-compliant, default document root for the various web servers
Stefano Zacchiroli wrote:
[ adding -policy to Cc: ]
On Wed, Nov 04, 2009 at 04:08:02PM +0100, Holger Levsen wrote:
Uhm, why postpone this so long? I'd hope we could find a consensus quite soon.
Then, we might not be able to fix _all_ web apps until squeeze, but at least
tthose few with dir-or-file-in-var-www :-)
I see it a tad more complicate than you, let's hope its me
overestimating the task :-)
- the agreement actually should not come among web app maintainers, but
rather among web *server* maintainers: they should agree over a
specific dir and change the default configuration of the web server so
that that dir is the document root (for the default vhost, for web
servers supporting vhosts)
* possibly, migrating to that would require offering migration paths
to package users
- then you might start migrating web apps packages so that they install
(static) stuff under that dir, preserving the per-package path as
detailed in the webapps-common policy
- then, the rule should go into policy (possibly under §9.1.1, has an
exception to FHS, not sure about the section though) and that can't
happen before due to the usual practice-should-predate-policy
Personally I would like to have a competently different approach:
- web server ask where to put the root (probably proposing default
a /srv/www location). But not further assumption about the location.
Admins, per FHS, could choose other paths.
This could be done by a new update-http-root application.
(and ev. could handle multiple vhost).
And possibly allowing no public location (thus forcing local only
connections): we tend to forget about this, but IMHO more and more
desktop computers are installed with webserver because of local
convenience. Thus we really need to securely support this common
- No webapp are installed "live" by default:
We have too much crap web application, and some/most of our users
don't realize that they are installing a public accessible crap.
[the desktop users]
Thus IMHO we need a "update-webappl" utility, which would
list, ask and ev. install the just installed webapplication.
This is not so far as the installation of apache modules, which
ask for which apache (apache/apache2/apache2-ssl/...) to enable
modules. We just list the possible web root.
Naturally admins can skip this point (e.g. not allowing debian
to handle webappl, but doing manually).
Probably a webserver-specific support script will handle the
generation of symlink (default) or via configuration (webserver
specific) of the /usr/lib/cgi or /usr/share/* dir.
- no hardcoded default root location (only a default value for a
real user question)
- not installing by default (without asking) web apps.
PS: first mail in debian-policy, so maybe I missed the point of
the discussion (which take place in the other mailing lists)