[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Would appreciate advice on Debian Policy and draft webapp sub policy

I am in the process of trying to fix the bugs associated with w3c-markup-validator. I have hit a particular problem as I look into #477792.

The package requires a web server with CGI support and support for SSI includes. The dependencies specify a dependency on "apache2 | httpd".

The latter conjunct makes no sense to me. The httpd virtual package explicitly does not provide CGI support - one needs httpd-cgi for that. So lets say I change the dependency to "apache2 | httpd-cgi". I suppose also the package should be tested against other web servers in httpd-cgi apart from apache.

Now looking down the list in httpd-cgi 'tntnet' could my eye. Looking at its description I don't see how it can cope with cgi scripts not written explicitly for it. So I suspect either its description should be clarified or it should be removed from the httpd-cgi virtual package.

Now how about the SSI include functionality? I assume (but do not know) that webservers other than apache2 support SSI. However it seems unlikely that all the servers do. So I believe that this dependency should be simplified to "apache2" but leaving the door open to adding additional conjuncts after suitable testing. Lets say that some how this was done and actually the dependency is now "apache2 | X".

I am then left with the problem of making sure that the config is suitably adapted as necessary for webserver X.

Now we come to the nub of the problem. The bug report suggests that the post install script should run "a2enmod include" (and then bounce the webserver). I looked for guidence in the policy manuals but could not find any indication of how to handle dependencies of this sort. Bouncing the webserver seems a bit drastic in some ways. Maybe the person in charge might want to install the modules during the day but bounce the web server late at night. It seems a big step to me for a package to take this choice away from a the person in charge. Assuming one does make the post install script work that way, what would the post remove script do? It cannot blindly run "a2dismod include". The more I think about this the worse it gets.

I summary:
* I believe the dependency should be tightened from "apache2 || httpd" to "apache2 || X" (which currently means "apache2"). * I believe that tntnet should be removed from the httpd-cgi virtual package. * I believe the w3c-markup-validator source package should generate a separate deb package for every supported web server. * What am I suppose to do with dependencies like that on "mod_include" being enabled?
* Could we have all of this clarified in the draft webapp policy?

Reply to: