Re: [RFR] templates://slbackup-php/{templates}
Patrick Winnertz wrote:
>>> Template: slbackup-php/use-ssl
>>> Type: boolean
>>> Default: false
>>> _Description: Activate SSL support in slbackup-php?
>>> Please note that SSL is needed to connect to the slbackup-php server.
>>> Activating it is therefore strongly recommended.
>>> .
>>> However, SSL should also be activated in the web server which will not
>>> be done even by choosing this option.
>>
>> It seems to be saying that I absolutely must answer "yes" for the
>> package to be useful, and that no other packages will be affected by
>> my decision. So why ask? And particularly, why default to "false"?
>
> Since we depend here on mod_ssl and mod_rewrite and not every user/sysadmin
> wants to have it activated by default without knowing anything about this.
The text says nothing about mod_rewrite; it asks permission to
"activate SSL support". But as far as I can see from looking at the
postinst, what it does if I say yes is run "a2enmod rewrite", which
is more than I've given permission for, but less than is required to
make the package useful.
> Do you know if there are web apps which doesn't work properly with
> mod_rewrite on? I don't know.
I'm afraid I don't either. But if there are good reasons why I
might want to avoid having slbackup-php on my system, they belong in
the package description, not an install-time dialogue.
> I discussed that with white (white@debian.org) about one month ago and after
> the discussion he shared my opinion that it would be better to default to
> false and to ask here.
> So we really think over this :) (the discussion took ~2 hours)
Assuming the package description is adequately informative, why
would anybody install slbackup-php if they didn't actively want it
to be fully set up on their system?
--
JBR
Ankh kak! (Ancient Egyptian blessing)
Reply to: