[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFR] templates://slbackup-php/{templates}

Patrick Winnertz wrote:
>>> Template: slbackup-php/use-ssl
>>> Type: boolean
>>> Default: false
>>> _Description: Activate SSL support in slbackup-php?
>>>  Please note that SSL is needed to connect to the slbackup-php server.
>>>  Activating it is therefore strongly recommended.
>>>  . 
>>>  However, SSL should also be activated in the web server which will not
>>>  be done even by choosing this option.
>> It seems to be saying that I absolutely must answer "yes" for the
>> package to be useful, and that no other packages will be affected by
>> my decision.  So why ask?  And particularly, why default to "false"?
> Since we depend here on mod_ssl and mod_rewrite and not every user/sysadmin
> wants to have it activated by default without knowing anything about this. 

The text says nothing about mod_rewrite; it asks permission to
"activate SSL support".  But as far as I can see from looking at the
postinst, what it does if I say yes is run "a2enmod rewrite", which
is more than I've given permission for, but less than is required to 
make the package useful.

> Do you know if there are web apps which doesn't work properly with
> mod_rewrite on? I don't know.

I'm afraid I don't either.  But if there are good reasons why I
might want to avoid having slbackup-php on my system, they belong in
the package description, not an install-time dialogue.

> I discussed that with white (white@debian.org) about one month ago and after
> the discussion he shared my opinion that it would be better to default to
> false and to ask here. 
> So we really think over this :) (the discussion took ~2 hours)

Assuming the package description is adequately informative, why
would anybody install slbackup-php if they didn't actively want it
to be fully set up on their system?
Ankh kak! (Ancient Egyptian blessing)

Reply to: