Charles Curley wrote: >> I only recently started to maintain a few packages so I don't have >> piles of bug reports to deal with as some maintainers do. > > I have had such piles, although not with Fedora. My advice: learn > how to triage them, and how to move them along. Do not get behind; > it will kill you. It's also rude to the reporter. Very true. Sometimes reality and other factors step in and keep that truth from being followed. :) >> I certainly intend to reply to every bug report that is filed on >> any of my packages, > > I appreciate that; I hope the good intentions last. As you are a > volunteer (so I take it), don't take on more than you can chew, and > leave yourself some slack. That's advice I've been giving volunteers > and paid employees for damn near half a century now, and its good > advice. Indeed it's good advice. I've volunteered in a few places over the years and have watched many people join, push hard, burn out, and disappear. A lot of people can sprint, few can run marathons. I'm particularly good at not taking on too much (some would say I'm a little too good at it ;). > OK, I've worked as a paid professional on the receiving end of bug > systems similar to bugzilla. Sorry, but from that experience I'm > skeptical of the bug zappers. I think it is part of the maintainer's > job to do that stuff. I'm glad to see it proposed and I hope it > prospers. The work definitely needs to be done! I see it as much like a good secretary, who acts as a filter. That way the boss only has to deal with the important things without weeding out duplicate information and other useless info. > Is there a document anywhere that details what a maintainer should > expect from bugzilla and reporters, how to go about using the > system, etc. For example, a document that gives circumstances under > which one would mark a bug as "will not fix", and steps to take > prior to doing so. An ops manual, if you will, for bugzilla? I'm sure there are various pieces of this on the Fedora wiki and in the mailing list archives. I don't have any links off the top of my head. In bugzilla itself, the various states a bug can be in are described at https://bugzilla.redhat.com/page.cgi?id=bug_status.html I've seen discussion about a maintainer responsibility document, but I don't think anything solid exists yet. To bring this discussion back to the topic of mantis a bit, I installed the package last night and got it working (in a little over the 20-30 minutes that the mantis docs say it should take). I don't think that the package is hopelessly broken, but there are a few things that could definitely be fixed up to provide a better user experience. Here are some notes of what I ran into, some of which I think are what bit you (mostly the Apache Allow/Deny rules): 1) php-mysql missing -- should this be required? It seems that technically it isn't, but it makes for an unusable default. At the least, the php-mysql package should be noted in the README.Fedora file. The package changelog indicates that the dependency was removed a long time ago (version 0.19.2-1) because the package can be used with PostgreSQL as well. 2) Apache rules use "Allow from localhost", but seem to fail with the default hosts file that specifies localhost.localdomain as the canonical hostname. Using allow from 127.0.0.1 worked out better for me, and seems to be what the other web app packages I have installed use. 3) mantis 1.0.8 has a bug that keeps the initial db creation from working. See http://www.mantisbt.org/bugs/view.php?id=8256 for a report and patch. This should get added to the Fedora package until a 1.0.9 release is made upstream. 4) SELinux generated an error when trying to send a password reminder: type=AVC msg=audit(1188186921.311:669): avc: denied { read } for pid=3974 comm="sh" name="sendmail.postfix" dev=sda2 ino=216037 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=file I disabled SELinux before using the package much further, so I don't know if there are other SELinux issues lurking. It may only occur with Postfix, I don't know. Aside from that, I had a seemingly usable[1] mantis install in a reasonable amount of time. With the Apache allow/deny rules setup it is probably a little more secure than just unpacking the upstream tarball in /var/www/html. But that security definitely caused me the most hassle in working out why I was getting access denied errors. I didn't think Apache was that strict with the hostnames used. I reported these issues at: https://bugzilla.redhat.com/show_bug.cgi?id=257561 Please feel free to add anything that I missed. :) [1] For some definition of usable (I'm not a mantis lover myself.) -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From there to here, from here to there, funny things are everywhere. -- Dr. Seuss, One Fish Two Fish, Red Fish Blue Fish
Attachment:
pgpRX3LraAwtD.pgp
Description: PGP signature
