Re: Advice for package needing stuff installed in /srv (node-shiny-server)

To: debian-devel@lists.debian.org
Subject: Re: Advice for package needing stuff installed in /srv (node-shiny-server)
From: Marvin Renich <mrvn@renich.org>
Date: Thu, 28 Apr 2022 08:49:59 -0400
Message-id: <[🔎] YmqNd7cjHXP4Qxst@basil.wdw>
Reply-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 06bf17bb-66a2-dd5c-b5f6-d4b0e0741be4@ericebrown.com>
References: <[🔎] 87y1zq2qu3.fsf@hope.eyrie.org> <[🔎] 06bf17bb-66a2-dd5c-b5f6-d4b0e0741be4@ericebrown.com>

* Eric Brown <eb@ericebrown.com> [220427 20:24]:
> Thank you for the explanation, and thanks for the history and pointer
> towards tftp. Looks like you remembered correctly
> (https://lists.debian.org/debian-devel/2020/02/msg00197.html). I installed
> tftpd-ahp. Interestingly, after all that discussion, it still does create a
> directory /srv/tftp which is its default served directory, like the upstream
> shiny-server behaviour.
> Best,
> Eric

If tftpd-hpa does, it is violating Debian Policy.  However, there is a
significant difference between an FTP server and a web server:  the FTP
server's data directory is dynamic, and can be modified by clients on
other hosts.  /var/lib/package is not a good choice for this directory.

I agree with the others in this thread that you _must not_ step on the
sysadmin's toes by creating directories or files in /srv without
explicit permission.

I see two possible approaches.  The first is to use /srv/shiny-server as
the configuration default, and not place anything there (not even
creating the directory).  You can use README.Debian or (although
possibly a mild abuse) NEWS.Debian to guide the sysadmin on how to fix
things.

The other, which I strongly prefer and follows what other web servers in
Debian have done, is to use /var/lib/shiny-server as the default, and
modify the default web page to give instructions, explaining that for
the package to use /srv/shiny-server as the default without the user's
explicit permission is a violation of both the FHS and Debian Policy.
You can provide a script in /usr/share/doc/shiny-server/examples/ that
will "correct" the default if the user wishes.

The fact is that for shiny-server to be useful, the user must customize
the website anyway.  One extra step that is explained in the default web
page to get it to match the upstream defaults is not onerous.

What would be policy compliant, would be to have a debconf question (as
others have suggested), whose default behavior is to use
/var/lib/shiny-server, but if the user explicitly changes it to
/srv/shiny-server, then it is fine to go ahead and create and populate
the directory.  Asking a debconf question, but defaulting to
/srv/shiny-server would be the same as not asking the question, and is
thus a policy violation.

Also, note that /var/shiny-server is not FHS or Debian Policy compliant,
but /var/lib/shiny-server is (I vaguely remember someone mentioning
/var/shiny-server earlier in this thread, so I thought I would point
this out).

...Marvin

Reply to:

References:
- Re: Advice for package needing stuff installed in /srv (node-shiny-server)
  - From: Russ Allbery <rra@debian.org>
- Re: Advice for package needing stuff installed in /srv (node-shiny-server)
  - From: Eric Brown <eb@ericebrown.com>

Prev by Date: Re: feedback for NEW packages: switch to using the BTS?
Next by Date: Re: autopkgtest/sbuild environment variables: LC_ALL, HOME, XDG_RUNTIME_DIR etc
Previous by thread: Re: Advice for package needing stuff installed in /srv (node-shiny-server)
Next by thread: Re: Advice for package needing stuff installed in /srv (node-shiny-server)
Index(es):
- Date
- Thread