[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#553540: htdig: dir-or-file-in-var-www /var/www/htdig/button1.gif and 31 others

Package: htdig
Version: 1:3.2.0b6-9
Severity: serious
User: lintian-maint@debian.org
Usertags: dir-or-file-in-var-www

Debian packages should not install files under /var/www. This is not
one of the /var directories in the File Hierarchy Standard and is
under the control of the local administrator. Packages should not
assume that it is the document root for a web server; it is very
common for users to change the default document root and packages
should not assume that users will keep any particular setting. 

Packages that want to make files available via an installed web server
should instead put instructions for the local administrator in a
README.Debian file and ideally include configuration fragments for
common web servers such as Apache.

As an exception, packages are permitted to create the /var/www
directory due to its past history as the default document root, but
should at most copy over a default file in postinst for a new install.

Refer to Filesystem Hierarchy Standard (The /var Hierarchy) for
details.

One solution that works is to put configuration files into
/etc/<package_name>, put static content, if any, into
/usr/{share,lib}/<package_name>, then create /var/lib/<package name>
as home for the package, and symlink the files from /etc and /usr/
into the /var/lib/<package_name>. Then create a simple set of
configuration snippets for popular web servers (for example, files one
may link into /etc/apache2/conf.d) and put them into
/etc/<package_name>. This way user modifiable files stil live in /etc,
and a simple operation can make the package go live.

Filed as serious, since this is a violation of the FHS (which is part
of policy), and also since a package with these files will currently
get this package rejected. See
  http://lists.debian.org/debian-devel-announce/2009/10/msg00004.html
for details. This means the package has been deemed too buggy to be in
Debian.

manoj


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'oldstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31.4-anzu-2 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages htdig depends on:
ii  cdebconf [debconf-2.0] 0.145             Debian Configuration Management Sy
ii  debconf [debconf-2.0]  1.5.28            Debian configuration management sy
ii  libc6                  2.10.1-3          GNU C Library: Shared libraries
ii  libgcc1                1:4.4.2-1         GCC support library
ii  libstdc++6             4.4.2-1           The GNU Standard C++ Library v3
ii  lockfile-progs         0.1.13            Programs for locking and unlocking
ii  perl                   5.10.1-6          Larry Wall's Practical Extraction 
ii  zlib1g                 1:1.2.3.3.dfsg-15 compression library - runtime

htdig recommends no packages.

Versions of packages htdig suggests:
ii  apache2-mpm-prefork [httpd]  2.2.14-1    Apache HTTP Server - traditional n
ii  htdig-doc                    1:3.2.0b6-9 web search and indexing system - d

-- debconf information:
* htdig/run-rundig: false
* htdig/generate-databases: true
Reply to: