From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 6948 invoked by uid 1002); 12 Jun 2003 09:37:37 -0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 141 invoked from network); 12 Jun 2003 09:37:36 -0000 Date: Thu, 12 Jun 2003 02:37:35 -0700 From: Robin H.Johnson To: gentoo-dev@gentoo.org Message-ID: <20030612093735.GA29913@cherenkov.orbis-terrarum.net> Mail-Followup-To: gentoo-dev@gentoo.org References: <20030612092003.GA4707@tompayne.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="OXfL5xGRrasGEqWY" Content-Disposition: inline In-Reply-To: <20030612092003.GA4707@tompayne.org> User-Agent: Mutt/1.5.3i Subject: Re: [gentoo-dev] apache eclass X-Archives-Salt: 999e4bb5-4c6f-4282-8e01-0422d1c2174b X-Archives-Hash: 26dbbbf05098cd5f122fc5fcf3ea5d6e --OXfL5xGRrasGEqWY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jun 12, 2003 at 10:20:03AM +0100, Tom Payne wrote: > Also consider what happens if a user uses a webserver other than apache > (there's rarely anything about a bunch of HTML, PHP, and CGI scripts that= 's > apache-specific). There really should be a virtual/httpd to cover this. I did previously mention that this was needed in the last thread. > Have a look at http://bugs.gentoo.org/show_bug.cgi?id=3D20642 with regard= s to > automatically determining DocumentRoot. > Synopsis is that a simple grep breaks configurations that use virtual hos= ts. > Reliably detecting the doc root on all possible installations is very hard > indeed. > After discussion with others, my recommendation is that the document root > should always be /home/httpd/htdocs. You could allow this to be overridden > with DOCUMENT_ROOT=3D in /etc/make.conf if you're feeling generous. Actually, in a further discussion today in #gentoo-dev, we noted that detected the DocumentRoot or allowing to be variable in any fashion=20 causes more serious problems with tbz2 binary tarballs. For example: DocumentRoot is /var/www User builds a web application, which installs to /var/www. The tbz2 contains files with that pathname component in them. Now DocumentRoot gets change to /home/httpd/htdocs (any number of ways, including emerging the binary package on a different system). User tries to install the package, telling emerge to use the pre-existing binary. Package is extracted to /var/www, which is never looked at by the webserver. Because of this DocumentRoot must be totally static. If we ever want DocumentRoot to be variable, somebody has a LOT of work to do with apache config parsing. In cases where users want a different DocumentRoot, I would suggest that the packages are all installed in a fixed location (not nessicarily even in the DocumentRoot directory), and then the user can symlink them into their own DocumentRoot. A possible solution: All webapps install to something NOT inside DocumentRoot. 'ebuild /usr/portage/.../foo.ebuild config' sets up the application (needed in most cases already) AND puts in a symlink to the DocumentRoot. This also makes it easier to support virtualhost configurations that all have access to a common tool, and makes temporarily disabling an application for security reasons much easier to do. --=20 Robin Hugh Johnson E-Mail : robbat2@orbis-terrarum.net Home Page : http://www.orbis-terrarum.net/?l=3Dpeople.robbat2 ICQ# : 30269588 or 41961639 GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 --OXfL5xGRrasGEqWY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Robbat2 @ Orbis-Terrarum Networks iD8DBQE+6EnfsnuUTjSIToURAuR6AJ9r2ne6unNfGJRPhIz092dErqHgpwCeJ/Er G9JetHtkD4hpEkRwPpawGCo= =JwP2 -----END PGP SIGNATURE----- --OXfL5xGRrasGEqWY--