[DRE-maint] Bug#570308: redmine: Expects to write to plugin_assets in /usr
jerry at edagames.com
Thu Feb 18 01:06:33 UTC 2010
On 18/02/2010 00:49, Adrian Irving-Beer wrote:
> Package: redmine
> Version: 0.9.2-2
> Severity: serious
> Justification: Policy 9.1.1 FHS chapter 4
> The plugin_assets directory is expected to be writable by the user
> running Redmine. In the Debian redmine package, this is currently
> The package scripts acknowledge this by making directory writable by
> www-data, but writing to /usr at runtime is not allowed per the FHS,
> and will cause problems on systems where /usr is mounted read-only
> (which is acceptable per Debian policy).
> I expect the solution would be to put plugin_assets somewhere in /var
> and create a symbolic link pointing to it. This may cause problems on
> Apache systems where symbolic links are disallowed, but this could be
> worked around using an "Alias" directive in the example Apache
I identified how to patch config/environment.rb :
# Load Engine plugin if available
require File.join(File.dirname(__FILE__), '../vendor/plugins/engines/boot')
Engines::public_directory = '/var/lib/redmine/plugin_assets'
# Not available
The maintainer scripts will take care of that directory properly,
and examples modified accordingly with Alias directive.
> On a related note:
> This part isn't a policy violation (that I know of), but I
> figured I should mention that the package also creates
> "/usr/share/redmine/public/plugin_assets/README" and
> "/usr/share/redmine/db/schema.db" at config time, untracked by dpkg.
> These files get removed at "purge" time via "rm -rf /usr/share/redmine",
> but this seems a bit heavy-handed, since people might have installed
> plugins there. I wonder if it would be better to delete these
> files, perhaps as part of the "prerm" script (or even at the end of
> the "config" script), such that dpkg can clean up /usr/share/redmine
> on its own?
> (Just throwing this out there. It's minor and optional enough that I
> didn't want to bother you with a second "wishlist" bug.)
IMO there are actually two other important bugs reports you could open here :
- don't create "/usr/share/redmine/db/schema.db" at config time (that was on my todo list)
- don't force remove /usr/share/redmine at purge time (i've been harsh here)
Thanks for your reports.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: OpenPGP digital signature
More information about the Pkg-ruby-extras-maintainers