[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFR] English debconf template review : debian/mantis.templates

sils wrote:
> More info ... Mantis works on this way:
> - it places the database install tools under "admin directory"
> - the access to the "install" page is not protected (never)
> - assumes that users are going to delete admin directory when they
> finish (there are a lot of reminders and warnings)
> 
> The best way I found to protect this directory is using a web server
> protection, and I would like the people have a clear notice about what
> are they doing.

Incidentally, it seems to be possible to install mantis with any httpd
(even minimalist ones like webfs, which definitely doesn't support
htaccess).  Is there any plan to restrict the dependency to apache2?

 
> Then, what about this..
> -------------------------
> _Description: Mantis setup Web server protection username:

A confusing pile of nouns, and "protection" isn't the right one.  Try

  _Description: Web server authentication username for Mantis setup:

or just

  _Description: Web server authentication username for Mantis:

>    For security reasons, the Mantis administration directory will
>    be protected via htaccess, allowing only the protected user to
>    access database configuration.
>    .
>    Please specify a username.

"For security reasons" seems redundant; username/password systems are
rarely set up for comedy value.

Again you don't mean "protected"; it's the directory that's "password
protected", not the server or the user.

Also, "to access database configuration" makes it sound as if the
directory is used every time you want to check how the database is
configured.

How about:

  _Description: Web server authentication username for Mantis:
   The /admin directory for Mantis will be protected with htaccess,
   allowing only the authenticated user to set up the database.
   .
   Please specify a username.

  _Description: Web server authentication password for Mantis:
   The /admin directory for Mantis will be protected with htaccess,
   allowing only the authenticated user to set up the database.
   .
   Please specify a password.

(The repeated lines aren't strictly necessary, but they don't do any
harm.)

> I prefer not to use in the description the word "admin", because I think
> it will confuse people. I use it just as a default value to setup the
> username.

Oops - I'd forgotten about "Template: mantis/htaccess_user".
-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package
Reply to: