Would appreciate advice on Debian Policy and draft webapp sub policy
I am in the process of trying to fix the bugs associated with
w3c-markup-validator. I have hit a particular problem as I look into
#477792.
The package requires a web server with CGI support and support for SSI
includes. The dependencies specify a dependency on "apache2 | httpd".
The latter conjunct makes no sense to me. The httpd virtual package
explicitly does not provide CGI support - one needs httpd-cgi for that.
So lets say I change the dependency to "apache2 | httpd-cgi". I suppose
also the package should be tested against other web servers in httpd-cgi
apart from apache.
Now looking down the list in httpd-cgi 'tntnet' could my eye. Looking at
its description I don't see how it can cope with cgi scripts not written
explicitly for it. So I suspect either its description should be
clarified or it should be removed from the httpd-cgi virtual package.
Now how about the SSI include functionality? I assume (but do not know)
that webservers other than apache2 support SSI. However it seems
unlikely that all the servers do. So I believe that this dependency
should be simplified to "apache2" but leaving the door open to adding
additional conjuncts after suitable testing. Lets say that some how this
was done and actually the dependency is now "apache2 | X".
I am then left with the problem of making sure that the config is
suitably adapted as necessary for webserver X.
Now we come to the nub of the problem. The bug report suggests that the
post install script should run "a2enmod include" (and then bounce the
webserver). I looked for guidence in the policy manuals but could not
find any indication of how to handle dependencies of this sort. Bouncing
the webserver seems a bit drastic in some ways. Maybe the person in
charge might want to install the modules during the day but bounce the
web server late at night. It seems a big step to me for a package to
take this choice away from a the person in charge. Assuming one does
make the post install script work that way, what would the post remove
script do? It cannot blindly run "a2dismod include". The more I think
about this the worse it gets.
I summary:
========
* I believe the dependency should be tightened from "apache2 || httpd"
to "apache2 || X" (which currently means "apache2").
* I believe that tntnet should be removed from the httpd-cgi virtual
package.
* I believe the w3c-markup-validator source package should generate a
separate deb package for every supported web server.
* What am I suppose to do with dependencies like that on "mod_include"
being enabled?
* Could we have all of this clarified in the draft webapp policy?
Reply to: