[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFS: phpgroupware

(Sorry for sending this to -devel...)
Thomas Viehmann wrote:
> Jamin W. Collins wrote [in a different order]:
>>I've given most of the packages a cursory look.  I do have a few
>>suggestions and may be willing to sponsor them.
> Thanks.
>>Packaging concerns:
>>- In several locations throughout the debconf questions you use "DBMS",
>>  this should probably be replaced with simply "database".
>>- The wording of phpgroupware/postrm should probably be completely
>>  redone.
>>- README.Debian currently contains a blurb about changing of package
>>  maintainers.  This file should contain the information/instructions
>>  a user may need to configure the package.
> I've changed the debconf messages as suggested and added a pointer to
> the web based setup to README.Debian. However, I'd prefer to have a
> "work in progress" blurb in README.Debian, partially to acknowledge that
> there are still some things to be smoothed out. (The reason I believe an
> update is appropriate in spite of regarding this as "work in progress"
> is that the version fixes many errors (some severe and security) of the
> package currently in unstable.)
>>- The database admin password is stored in debconf.  This should not be
>>  done.  Ask for it, use it, and then remove it from the database.
> What does this mean for the removal of the database upon purging the
> package?
> I don't have the impression that people will be very happy with debconf
> prompts in the postrm. (Of course, debconf might already have been
> removed in the postrm...)
> Should I just not drop the database?
>>Application concerns:
>>- When logged in as Setup/Config Admin
>>   - configuration steps listed as completed, but values are blank or
>>     point to non-existent directories.  For example, step 2
>>     "Configuration" the value of "Enter the location of phpGroupWare's
>>     URL." is blank by default and yet the configuration is completed.
>>   - Wording of the second half of Step 2 is misleading.  It indicates
>>     all accounts will be deleted (none exist at first) and that it
>>     _will_ create 1 admin and 3 demo accounts, but the demo accounts
>>     are optional.
> The first point needs to be fixed, I'll look into it shortly. I'm not
> too sure that I'd want to muck with the wording too much, though. (e.g.
> I'm not too sure about what to do with the translations.)
>>- When logged in as Header Admin:
>>   - all passwords are displayed in plaintext
> This is a difficult one. In particular, I don't think that changing the
> plaintext fields to password ones helps: Then the user might get the
> false impression that his passwords are not transferred over the net. On
> the other hand, I'd not trick the user into accidentially erasing his
> passwords. I'll look into transferring (and checking for) bogus passwords.
> Thanks for the comments.
> Regards
> T.

Attachment: pgpq3YHmgvhdE.pgp
Description: PGP signature

Reply to: