From: Robin H.Johnson <robbat2@gentoo.org>
To: gentoo-dev@gentoo.org
Subject: Re: [gentoo-dev] apache eclass
Date: Thu, 12 Jun 2003 02:37:35 -0700 [thread overview]
Message-ID: <20030612093735.GA29913@cherenkov.orbis-terrarum.net> (raw)
In-Reply-To: <20030612092003.GA4707@tompayne.org>
[-- Attachment #1: Type: text/plain, Size: 2600 bytes --]
On Thu, Jun 12, 2003 at 10:20:03AM +0100, Tom Payne wrote:
> Also consider what happens if a user uses a webserver other than apache
> (there's rarely anything about a bunch of HTML, PHP, and CGI scripts that's
> apache-specific). There really should be a virtual/httpd to cover this.
I did previously mention that this was needed in the last thread.
> Have a look at http://bugs.gentoo.org/show_bug.cgi?id=20642 with regards to
> automatically determining DocumentRoot.
> Synopsis is that a simple grep breaks configurations that use virtual hosts.
> Reliably detecting the doc root on all possible installations is very hard
> indeed.
> After discussion with others, my recommendation is that the document root
> should always be /home/httpd/htdocs. You could allow this to be overridden
> with DOCUMENT_ROOT= in /etc/make.conf if you're feeling generous.
Actually, in a further discussion today in #gentoo-dev, we noted that
detected the DocumentRoot or allowing to be variable in any fashion
causes more serious problems with tbz2 binary tarballs.
For example:
DocumentRoot is /var/www
User builds a web application, which installs to /var/www. The tbz2
contains files with that pathname component in them.
Now DocumentRoot gets change to /home/httpd/htdocs (any number of ways,
including emerging the binary package on a different system).
User tries to install the package, telling emerge to use the
pre-existing binary.
Package is extracted to /var/www, which is never looked at by the
webserver.
Because of this DocumentRoot must be totally static.
If we ever want DocumentRoot to be variable, somebody has a LOT of work
to do with apache config parsing.
In cases where users want a different DocumentRoot, I would suggest that
the packages are all installed in a fixed location (not nessicarily even
in the DocumentRoot directory), and then the user can symlink them into
their own DocumentRoot.
A possible solution:
All webapps install to something NOT inside DocumentRoot.
'ebuild /usr/portage/.../foo.ebuild config' sets up the application
(needed in most cases already) AND puts in a symlink to the
DocumentRoot.
This also makes it easier to support virtualhost configurations that all
have access to a common tool, and makes temporarily disabling an
application for security reasons much easier to do.
--
Robin Hugh Johnson
E-Mail : robbat2@orbis-terrarum.net
Home Page : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ# : 30269588 or 41961639
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]
next prev parent reply other threads:[~2003-06-12 9:37 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-12 9:20 [gentoo-dev] apache eclass Tom Payne
2003-06-12 9:37 ` Robin H.Johnson [this message]
2003-06-12 9:53 ` Paul de Vrieze
2003-06-12 10:03 ` Robin H.Johnson
2003-06-12 16:55 ` Donny Davies
2003-06-13 5:55 ` Patrick Kursawe
2003-06-12 17:25 ` Ned Ludd
2003-06-13 0:02 ` Seemant Kulleen
2003-06-13 0:07 ` Seemant Kulleen
2003-06-13 1:21 ` Robin H.Johnson
2003-06-14 1:56 ` Ned Ludd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030612093735.GA29913@cherenkov.orbis-terrarum.net \
--to=robbat2@gentoo.org \
--cc=gentoo-dev@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox