[Pkg-dspam-misc] Bug#488924: dspam-webfrontend and apache2-suexec
Stefan Fritsch
sf at sfritsch.de
Tue Sep 2 21:31:41 UTC 2008
Sorry this answer took so long.
First the usual disclaimer: I am not a release team member.
On Sunday 17 August 2008, Kurt B. Kaiser wrote:
> > Lenny is frozen, the release team will never accept so many
> > changes to go into Lenny.
> I understand your feeling about this. However, I think you might
> be overly pessimistic, because the changes aren't as extreme as
> they might seem to be when looking at the changelog.
I still think that the release team will not accept this update. After
all, they have to review the diff. And
31 files changed, 605 insertions(+), 219 deletions(-)
is not easily reviewed, even if ~ 250 lines are documentation. But you
can ask the release team yourself, if you don't believe me.
> I began with changes to pass the standard Debian flags to configure
> and to build in the source tree instead of in a subdir. I did this
> so the Makefiles would be available when running maintainer-clean
> to remove the auto-generated files resulting from autoconf. This
> produces a much cleaner .diff.gz, which now only contains entries
> from .../debian and its subdirectories, which is a goal when dpatch
> is used. This step was verified with interdiff.
This is exatcly the kind of change that should be deferred until
lenny+1, IMHO.
> Fixing #481755 and #483868 involved one word changes to fix
> important regressions. I think that inspecting the changes will
> show them to be non-problematic.
These should be included then.
> Updating to compatibility level 7 and Standards 3.8.0 introduced no
> additional changes.
If there are no changes necessary then it might be ok. But changing
debhelper compatibility level is something I would avoid so close to
the release unless you need the change.
> Adding amavis to the trusted users is a one word change to a config
> file, and non-disruptive by inspection.
No problem here.
> There were several changes to improve the documentation, and that's
> allowable per the Lenny freeze guidelines.
Yes.
> Now, the webfrontend: Previously, we had a non-functional demo
> VirtualHost fragment. I moved it to its correct location in
> /etc/dspam/ and modified it to be served on localhost only, with a
> simplified login using htpasswd. I also moved other files that the
> user might be expected to customize. Having a working website
> following installation should help those users who were having
> difficulty getting started with the webfrontend configuration. I
> tested this by running the website.
This also looks like something that should better be deferred.
> There was an issue with upgrading etch: the /usr/share/dspam dir
> had some symlinks which were causing upgrade errors. This is a
> serious bug, at least, and had to be fixed.
Yes.
> One of the Lenny goals is to pass the piuparts test. The
> webfrontend was not purging correcty, and I made some changes to
> fix that. The changes were most cleanly accomplished by putting
> the webfrontend config files under ucf control.
A less intrusive way would have been better, I think.
> There were no changes to the core of dspam or the webfrontend, so I
> don't think any of the above could be considered disruptive.
But all in all, it's quite a lot of change and there is plenty
opportunity to introduce new bugs. This is something that should be
avoided if possible.
Cheers,
Stefan
More information about the Pkg-dspam-misc
mailing list