[phpBB] Discussion about 'multisite'

David Prévot david at tilapin.org
Thu Mar 11 17:17:31 CET 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 09/03/2010 19:14, J.M.Roth a écrit :
> As noted in #437836 I'm asking for developer feedback here.
> (I'm not sure if the bugtracker is the right place for that.)

Some one responded quickly did you ping them elsewhere ?

> == What does upstream say? ==
[...]
> Wouldn't they want to have this?

So it seems. I find it a pity not to be concern about repeated code,
especially for web application, but once we have some thing effective,
maybe we can try to come back to them and propose them our patches...

> == Issue: upgrade of additional boards! ==
> 
> I also had a second thought which might fix #440405.
> 
> Indeed this is more or less required, or how would people with
> additional boards be able to upgrade when even newer versions are released?

You got a point. I didn't thought about it when I implemented multiboard
and didn't give the necessary rights to the database users in order to
modify the structure of it :/.

> We could at least include the install folder with a random suffix, e.g.
> install.5Tp7Jg and hope this will not be a source for brute force
> attempts to access that folder.

I don't believe it would be safe to count on some name obfuscation for
security purpose. If some install script is useful, it should be
provided, but if they are security flows, it might need a second thought...

> That is, if there is no possibility at all of automating these upgrades,
> e.g. using dbconfig, which could ask for the DB admin password and a
> list of all the sites somewhere in /etc/phpbb3 so that our upgrade
> script would know what to do, or so... (fantasizing for now)

Ikiwiki propose a similar tool to update the structures of the multiple
wiki on upgrade (but it doesn't use database).

> == Permissions req'd for multiboard ==
> 
> Is anything speaking against what I proposed in #447542, i.e. setting
> the dirs in /var/lib to 1753 (i.e. rwxr-x-wt, root:www-data).

I don't get why they need to be world writable : if the web server is
executed by www-data (or a user in www-data group), www-data group
should be able to read (and write if necessary), but if the web server
is executed by someone else, making a directory readable by the www-data
group (and not world readable) is pointless.

I use an other approach : creation of the necessary directory when
activating a new forum, and give them drwxrws--- rights
(www-data:$GROUP) where www-data is member of $GROUP, and the designed
webmasters are members of $GROUP too (in purpose of local maintenance,
but it might not be needed).

> That would make the additional sites easier to setup (less steps).
> Or should this directory creation be combined with the problem above by
> maybe creating a script to give the system new info about the new site:
> - database name
> - database prefix
> - site name = cache folder path etc.

I made a quirty script for this purpose, I can post it if it is of
interest, or try to adapt it and make it less dirty when we agree about
the multiboard method.

Cheers

David

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkuZF5oACgkQ18/WetbTC/qK4ACeKL3e4RV9/eVdEsOpfVWcN6BD
5KMAnRWeKQmD/cbc41NViVVP28Xgynpv
=KfVn
-----END PGP SIGNATURE-----




More information about the phpBB-l mailing list