From: Tavis R. <ta...@re...> - 2002-07-10 19:49:30
|
Stefan, how are you assigning permissions on=20 /usr/local/Webware vs. /usr/local/webware. In the name of privilege separation, the user running webkit should only = have=20 write permissions to the locations that webkit writes to during operation= and=20 read-only permission on everything else: config files, servlets, etc. Fo= r=20 that reason, the webware user's homedir shouldn't contain the config file= s. I'd be inclined to create a /var/run/webkit directory for all the stuff t= hat=20 changes during operation so that it is possible for paranoid sysadmins to= =20 mount /usr/ read-only. Putting the logs in /var/log/webkit is a good ide= a. =20 Cheers, Tavis On July 10, 2002 12:21 pm, Stefan Schwarzer wrote: > Hello Bill (and others) :-) > > On Mon, 8 Jul 2002, Bill Eldridge wrote: > > Daniel Podlejski wrote: > > > Hancock, David (DHANCOCK) wrote: > > > : Stefan: I think that there's no "porting" to be done. If your > > > : FreeBSD system has Python, you should be fine just installing and > > > : running Webware for Python. > > > > > > No. Read http://www.freebsd.org/ports/index.html > > > > Well, what David was saying was that Webware should > > work fine with Python 2.2 on FreeBSD with no changes. > > > > If you or Stefan wants to add this as an official Port > > for this FreeBSD page, please go ahead. > > (the egenix mxDate module is probably also necessary > > and without problem if you want the database MiddleKit > > included. If there's anything else that doesn't work > > on FreeBSD, you should report it here.) > > I've made a first attempt at creating a port. It can be found at > www.sschwarzer.net/download/webware_port-0.1.tar.gz . The files' > contents are relative to /usr/ports; I've placed the port under > www/Webware. Use it at your own risk. :-) > > Hopefully all works well but there are surely some things to do (see > comments at the bottom of the Makefile). > > The port does (or at least should do ;-) ) the following: > > - install the Webware distribution in /usr/local/Webware > - call install.py there (use generated password) > - make a default webware user with home directory /usr/local/webware > - use MakeAppWorkDir.py to fill this dir > - install a start/stop script in /usr/local/etc/rc.d > > This is the first port I made. It was only relatively fast because of > the well-written Porter's Handbook and because I could use some files > and ideas from the PostgreSQL port as templates. :) > > > Aside from that, since Python software is usually > > installed using "setup.py build, setupt.py install", > > it's questionable whether you really want to package > > it according to the FreeBSD rules, but I haven't > > thought about this much. > > Yes, I've thought about the same when there was this discussion on > packaging some months ago. IMHO, every third-party software that a > developer uses via import module should be placed below > site-packages. On the other hand, I see the appserver really as an > application that should not be in site-packages. Consequently, > Webware's files would have to be distributed over several directories. > > For the port, I didn't go through this distinction; that is, this port > doesn't use distutils (yet?) and installs "everything" in > /usr/local/[Ww]ebware. > > I've thought about putting logs in /var/log/webkit or so instead of in > the app workdir. What are your opinions on this? |