Re: [RFR] templates://request-tracker3.6/templates
Christian Perrier wrote:
> General comment: the templates, particularly the last two are quite
> verbose.
Here are versions that I've squeezed as hard as I can; they might
need to be re-expanded if I've obscured important points.
Template: request-tracker3.6/handle-siteconfig-permissions
Type: boolean
_Description: Handle RT_SiteConfig.pm permissions?
The main configuration file, /etc/request-tracker3.6/RT_SiteConfig.pm,
contains the database password, which should not be world-readable
but must be known to the web interface (usually running as the user
"www-data").
.
If you accept this option, the normal solution will adopted: the file
permissions will be "root:www-data rw-r----" (readable to the www-data
group but not the world). This is a security risk if for instance users
can run PHP scripts with the privileges of the www-data user.
.
If you reject this option, the file will be readable only by root, and
you will have to set up appropriate access controls yourself.
.
Note: with the SQLite backend, your answer will also affect the
permissions of automatically generated local database files.
Template: request-tracker3.6/fix-initialdata-442398
Type: boolean
_Description: Fix the "10 highest priority tickets I own" table automatically?
The version of RT in Debian Etch had a bug in the database initialization
data that could break links in the "10 highest priority tickets I own"
table (see http://bugs.debian.org/442398). Databases created with that
version can only be fixed by changing the database contents.
.
This change can be performed automatically.
.
It will only affect buggy databases, and will be attempted only once.
If fixing the database fails for some reason (for example because the
database is unavailable), it won't be tried again unless this setting
is re-enabled (for example with dpkg-reconfigure).
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
Reply to: