[clue-tech] Presentation on Ubunto/Debian?

Collins Richey crichey at gmail.com
Tue May 31 19:22:44 MDT 2005 

On 5/30/05, Nate Duehr <nate at natetech.com> wrote:
> Collins Richey wrote:
> > On 5/30/05, Nate Duehr <nate at natetech.com> wrote:
> 

> > I'm still too much of a babe in the woods with this stuff. Isn't the
> > dependancy checking and removal what apt-get build-dep does?
> 
> Never used it.  Never had a need.  Perhaps I'm missing out on something
> useful, but I don't think so.  Anything with "build" in the name usually
> indicates it's part of the package creation chain on Debian, and not
> needed to just keep binary packages installed up-to-date.

Not really, based on my one experience. It appears to work like I
would have expected instsll to work, ie resolves dependancies and
ind\stalls binary packages.

> 
> > Yeah, that's been my major hangup over the years with Debian. Just the
> > facts, ma'am, and keep the religion between yourself and RMS, thank
> > you very much.
> 
> I never realized until recently what a turn-off this is for some people.

Yep, I'm one of those people. I'm also major turned-off by those who
get their rocks off by trouncing newbies, and I understand this is a
daily occurrence on Debian lists.


> Hmm... I'm not much for doing multimedia type "stuff" on Debian, since I
> use it mostly for servers.  I do all the video watching/media playing
> stuff on the Gentoo laptop right at the moment.  S

Yep, Gentoo is usually the answer.

> 

> > One thing I'm curious about, security-wise. On Kubuntu, Debian too?,
> > the root web directory is /var/www owned by root:root whereas RedHat
> > and others put the root directory in /var/www/<somethingelse> usually
> > owned by apache:apache. Isn't root ownership of the web directory a
> > bad idea (TM)?
> 
> On most Debian systems I think the norm is /var/www with ownership and
> group of www-data, a "made-up" standard user and group that packages can
> use to install things into the web tree if they need to.  Most packages
> seem to actually use /usr/share/package or other variants of /usr/share
> nowadays though, directly installing to /var/www in practice doesn't
> seem to be done by many packages today.  Quite a while back the apache
> folks changed the way they were handling the config files so that new
> packages could just install their own config file and it would be
> appended via an INCLUDE into the main httpd.conf, so much cleaner, and
> use of directories outside of /var/www could then easily be used.
> 
> Sounds like Ubuntu and others do some wacky things -- most of the
> choices about where stuff goes in the Debian filesystem tree is based
> off of policy and enforced via bugs if a package doesn't meet policy.
> If the new distros are messing with that stuff, hopefully they're doing
> it consciously and letting their users know they've removed long-debated
> security and usability policy-driven stuff... yikes.
> 
> Ahh... I don't mean to sound like a commercial -- they can certainly do
> what they want, it's free code... just sounds kinda like they're going
> to relearn lessons already addressed in Debian, down the road... or
> maybe not...
> 

Yep, I've heard that already. Interestingly enough, I discovered after
a little research that [K]ubuntu puts User myownuser Group myownuser
in the apache2.conf. Sort of makes sense since they want the
'myownuser' to be able to do everything and they avoid root
completely. My few web systems work mucho better after the appropriate
chown.

-- 
 Collins
       Head teachers of the world unite: you have nothing to lose but 
       the Start button.

More information about the clue-tech mailing list