| Summary: | app-misc/gallery updated for webapp.eclass | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Renat Lumpau (RETIRED) <rl03> |
| Component: | New packages | Assignee: | Gentoo Web Application Packages Maintainers <web-apps> |
| Status: | RESOLVED TEST-REQUEST | ||
| Severity: | enhancement | CC: | ckdake, mike, weeve |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: |
gallery-1.4.4_rc2.ebuild
files/postinstall-en.txt gallery-1.4.4-r1.ebuild files/postinstall-en.txt |
||
|
Description
Renat Lumpau (RETIRED)
2004-07-26 03:57:30 UTC
Created attachment 36175 [details]
gallery-1.4.4_rc2.ebuild
Created attachment 36176 [details]
files/postinstall-en.txt
see http://bugs.gentoo.org/show_bug.cgi?id=51008 perhaps.. Also, As of 1.4.4, Gallery no longer requires the use of configure.sh and secure.sh. The configuration wizard is run via a logged in administrator for upgrades and without running the script on a new install. Three issues about that ebuild. Only one is major: 1. In the dodoc line, Changelog should be Changlog.archive.gz (don't know why they have it that way). 2. After the dodoc, you should rm -f the dodoc files or else they're duplicated into the master-copy installation. 3. *** The major one ***: Don't "touch config.php". Packaging config.php makes it overwrite the user's config.php with no backup. Doh, typo: I meant "ChangeLog.archive.gz" Oh, and ditto item 3 for .htaccess! Mike, Thanks for your comments, I did not think about overwriting existing configfiles. Will fix shortly. FYI there is a ChangeLog and a ChangeLog.archive.gz because the raw changelog is about ~300K when uncompressed. the non-compressed one is the most recent changes, usually since the last point release. Ah, you're absolutely right, Chris. I missed that. Created attachment 36698 [details]
gallery-1.4.4-r1.ebuild
- version bump (all arches dropped to ~)
- incorporated suggestions
Created attachment 36699 [details]
files/postinstall-en.txt
That one seems to work well here. One thought, though: I agree with you not doing "rm -rf html" after the dohtml, since the docs are linked from within gallery when logged in. But the dohtml redundantly duplicates the whole html documentation tree in /usr/share/doc/gallery-*. I'm not sure the right thing to do is *not* to do the dohtml so as to avoid this duplication since, typically, those docs are supposed to be there. I'm just mentioning it for consideration. If/when we get ready to draft a GLSA: 20:42 <@Stuart> klieber: by default, we ship php w/ allow_fopen_url=off, which (from reading the code) should be enough to prevent the attack from working In CVS, also see bug #60742 # emerge -av gallery These are the packages that I would merge, in order: Calculating dependencies ...done! [ebuild R ] www-apps/gallery-1.4.4-r1 0 kB Total size of downloads: 0 kB Do you want me to merge these packages? [Yes/No] >>> emerge (1 of 1) www-apps/gallery-1.4.4-r1 to / >>> md5 src_uri ;-) gallery-1.4.4.tar.gz vhosts >>> Unpacking source... >>> Unpacking gallery-1.4.4.tar.gz to /var/tmp/portage/gallery-1.4.4-r1/work * Applying vuln-20040817.diff... [ ok ] >>> Source unpacked. >>> Install gallery-1.4.4-r1 into /var/tmp/portage/gallery-1.4.4-r1/image/ category www-apps gzip: /var/tmp/portage/gallery-1.4.4-r1/image/usr/share/doc/gallery-1.4.4-r1/ChangeLog.archive.gz already has .gz suffix -- unchanged * (server owned) htdocs/albums * ebuild fault: file '/usr/portage/www-apps/gallery/files/postinstall-en.txt' not found * Please report this as a bug at http://bugs.gentoo.org/ !!! ERROR: www-apps/gallery-1.4.4-r1 failed. !!! Function webapp_checkfileexists, Line 59, Exitcode 0 !!! ebuild fault: file '/usr/portage/www-apps/gallery/files/postinstall-en.txt' not found Thanks for reporting. Missing file in CVS now, will hit your mirrors in about an hour. Works for me now. :) |