reopen 385889 severity normal thanks > I've NMUed for this bug (fixing the bug to use versioning instead of the > "fixed" tag, to ease tracking through testing); here's the changelog: > > > phpmyadmin (4:2.8.2-0.2) unstable; urgency=medium > > . > > * Non-maintainer upload. > > * Fix issue with /var/www pointing to /usr/share/phpmyadmin. > > (Closes: #385889) > > * Make sure we install /var/www as a directory, since we make a > > symlink into > > it and we can't rely on it being there. > > * Explicitly link to /var/www/phpmyadmin instead of /var/www, to make > > sure > > we don't make a new /var/www even if it should be removed for some > > reason.
Thanks for your work, but I do not agree that this is the proper fix. The major problem has been resolved, so it's not release critical anymore. But this whole symlink should just be removed and the package not touch /var/www. Most Debian webapps provide webserver config snippets that use Alias to make themselves available. This is highly flexible for the administrator and is referenced in the webapps policy. Setting a symlink in /var/www might impede the current configuration of the administrator, and opens up the databases to plain text remote logins instantly with no good way to undo (the symlink will be recreated on the next login). I advise to use the Alias way documented in the webapps policy. By the way Piotr, there've been some recent NMU's for phpmyadmin in unstable and stable. Are you interested in passing the package on? If so, I'm interested to take it. If you're just temporarily busy that's of course also just fine :) Thijs
signature.asc
Description: This is a digitally signed message part
