[Bug 188359] Review Request: bugzilla - bug tracking tool
bugzilla at redhat.com
bugzilla at redhat.com
Tue Apr 25 17:31:53 UTC 2006
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: bugzilla - bug tracking tool
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188359
tibbs at math.uh.edu changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
AssignedTo|bugzilla-sink at leemhuis.info |tibbs at math.uh.edu
OtherBugsDependingO|163776 |163778
nThis| |
------- Additional Comments From tibbs at math.uh.edu 2006-04-25 13:31 EST -------
This is really shaping up so I'll go ahead and sign on for a review. (Others
are certainly welcome to join in.)
Let's dispense with rpmlint stuff:
W: bugzilla no-documentation
You moved all of the documentation off to the -doc subpackage. The usual
practise seems to be to keep some basic documentation like changelogs or readmes
in the main package and move extensive stuff off to the subpackage; I'd suggest
keeping QUICKSTART, README and UPGRADING* in the base package but it's certainly
up to you as there's no hard rule here.
E: bugzilla script-without-shellbang
/var/www/bugzilla/template/en/default/admin/keywords/list.html.tmpl
E: bugzilla script-without-shellbang
/var/www/bugzilla/template/en/default/admin/keywords/edit.html.tmpl
E: bugzilla script-without-shellbang /var/www/bugzilla/contrib/gnatsparse/README
E: bugzilla script-without-shellbang /var/www/bugzilla/contrib/gnatsparse/magic.py
E: bugzilla script-without-shellbang
/var/www/bugzilla/template/en/default/admin/keywords/create.html.tmpl
E: bugzilla script-without-shellbang
/var/www/bugzilla/template/en/default/admin/keywords/rebuild-cache.html.tmpl
E: bugzilla script-without-shellbang /var/www/bugzilla/Bugzilla/Bug.pm
E: bugzilla script-without-shellbang
/var/www/bugzilla/template/en/default/admin/keywords/created.html.tmpl
E: bugzilla script-without-shellbang
/var/www/bugzilla/template/en/default/admin/keywords/confirm-delete.html.tmpl
E: bugzilla script-without-shellbang
/var/www/bugzilla/contrib/gnatsparse/gnatsparse.py
These all have executable permission, but they shouldn't. Perhaps the python
scripts should, but they would need to start with #!/usr/bin/python.
E: bugzilla version-control-internal-file /var/www/bugzilla/template/en/.cvsignore
E: bugzilla version-control-internal-file /var/www/bugzilla/template/.cvsignore
E: bugzilla version-control-internal-file /var/www/bugzilla/Bugzilla/.cvsignore
E: bugzilla-doc version-control-internal-file /var/www/bugzilla/docs/.cvsignore
These should all be deleted.
E: bugzilla non-executable-script /var/www/bugzilla/contrib/gnats2bz.pl 0644
E: bugzilla non-executable-script /var/www/bugzilla/contrib/cvs-update.pl 0644
E: bugzilla non-executable-script /var/www/bugzilla/contrib/sendbugmail.pl 0644
E: bugzilla non-executable-script /var/www/bugzilla/contrib/jb2bz.py 0644
E: bugzilla non-executable-script /var/www/bugzilla/contrib/sendunsentbugmail.pl
0644
E: bugzilla non-executable-script /var/www/bugzilla/contrib/yp_nomail.sh 0644
E: bugzilla-doc non-executable-script /var/www/bugzilla/docs/makedocs.pl 0644
I think it's safe to ignore these, but we'll have to think about consistency.
W: bugzilla non-conffile-in-etc /etc/httpd/conf.d/bugzilla.conf
Safe to ignore.
E: bugzilla wrong-script-interpreter /var/www/bugzilla/contrib/jb2bz.py
"/usr/local/bin/python"
Should probably be fixed.
About the contrib directory:
Is it safe, or even appropriate to stick this stuff in the webroot? I would
argue that it isn't, or that access to it from the web should be severely
restricted. Generally this kind of thing is packaged (execute bits off) with
the documentation as examples or under /usr/lib
Is everything in /var/www/bugzilla intended to be visible from the web or
accessed by one of the scripts run by the web server? Stuff that's run from
cron jobs shouldn't be there. What about the t directory?
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list