Am Donnerstag, 21. April 2011, 14:39:13 schrieb Ludwig Nussel:
Ralf Lang wrote:
while packaging horde4 I noticed the rpmlint warning horde4.noarch: W: non-etc-or-var-file-marked-as-conffile /srv/www/htdocs/horde4/config/conf.php.dist
If config files are allowed to live in /var (where web apps used to live in old times) why are they not allowed in /srv ?
Good topic. Why do web apps not adhere to the traditional layout we are used to anyways? /srv is a mess. It mixes vendor files with user files, config files with static data, binaries with state databases etc. This is not specific to horde of course but let's use it as example. Why not keep the default document root /srv/www/htdocs clean and put horde to e.g. /usr/share/horde4, it's config files to /etc/horde4 and it's database or whatever variable data it has to /var/lib/horde4?
From my POV web-apps aren't stand-alone applications but script files for an interpreter used by apache2. Therefore I see no problem having all files under DocumentRoot. It also makes it easier to confine web-apps without giving an attacker access to /etc. Bye Thomas -- Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-packaging+help@opensuse.org