Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review

To: Christian Perrier <bubulle@debian.org>
Cc: 415231@bugs.debian.org, debian-l10n-english@lists.debian.org
Subject: Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review
From: James Westby <jw+debian@jameswestby.net>
Date: Sun, 18 Mar 2007 15:09:51 +0000
Message-id: <[🔎] 20070318150951.GB29575@jameswestby.net>
In-reply-to: <[🔎] 20070318075508.GE32545@kheops.homeunix.org>
References: <20070317110140.16971.95301.reportbug@mykerinos.kheops.frmug.org> <45FC3B01.3000903@goirand.fr> <[🔎] 20070318075508.GE32545@kheops.homeunix.org>

On (18/03/07 08:55), Christian Perrier wrote:
> Thomas Goirand commented on our proposed rewrite of dtc templates:
> > If you choose the default of /var/www, make sure that no DocumentRoot is
> > pointing to this path, so there is no chance to publicly give access to
> > all your hosted files.
> 
> OK, let's retry another way:
> 
> Template: dtc/conf_hostingpath
> Type: string
> Default: /var/www/sites
> _Description: Path for hosted domains:
>  Please enter the directory to be used by DTC to store files for
>  all hosted domains.
>  .
>  If you choose /var/www, which is Apache's default document root, all
>  files hosted in that directory will become publicly accessible. It is
>  therefore recommended to choose another directory if the local web
>  server is hosting other files in /var/www.

Does the default of /var/www/sites suffer from this issue?

> > + Do not choose this option if the server is directly connected to the
> > + Internet. If your internet connection is delivered by a dynamic IP
> > addresses, choosing this option is mandatory. You then have to use a
> > firwall doing NAT between your server and the internet, and use port
> > forwarding to your server.
> 
> 
> My proposed rewording of this:
> 
> Template: dtc/conf_use_nated_vhosts
> Type: boolean
> Default: false
> _Description: Use "NATed" vhosts?
>  DTC can configure Apache to use one of your IP addresses. If the
>  server is firewalled with NAT and port redirections of public IP(s)
>  address(es), a "NATed" vhost configuration can be generated.
>  .
>  This option should be chosen only if the server is directly connected
>  to the Internet and uses a dynamic public IP addres. In such cases,
>  NAT and port forwarding are mandatory for DTC.
> 
> 

This still seems to be in conflict with Thomas' meaning of the
templates. He says 

  Do not choose this option if the server is directly connected to the
  internet.

whereas your suggestion is

  This option should be chosen only if the server is directly connected
  to the Internet.

Is there some misunderstanding here of the use of "directly connected"
in this context?

Thanks,

James

-- 
  James Westby   --    GPG Key ID: B577FE13    --     http://jameswestby.net/
  seccure key - (3+)k7|M*edCX/.A:n*N!>|&7U.L#9E)Tu)T0>AM - secp256r1/nistp256

Reply to:

Follow-Ups:
- Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review
  - From: Christian Perrier <bubulle@debian.org>

References:
- Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review
  - From: Christian Perrier <bubulle@debian.org>

Prev by Date: Re: [RFR] templates://kdebase/kdm.templates
Next by Date: Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review
Previous by thread: Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review
Next by thread: Re: Bug#415231: dtc: [debconf_rewrite] Debconf templates review
Index(es):
- Date
- Thread