[DRE-maint] Bug#819374: gitlab-shell: has a configuration file in /usr/share and modifies it; also creates a log file there and other links
Julian Gilbey
jdg at debian.org
Sun Mar 27 18:09:58 UTC 2016
Package: gitlab-shell
Version: 2.6.10-1
Severity: serious
The file /usr/share/gitlab-shell/config.yml is clearly a configuration
file and is modified during the package installation. It also seems
to be modified during package upgrading, which is another serious bug.
In addition, a log file /usr/share/gitlab-shell/gitlab-shell.log is
created, as is a symlink /usr/share/gitlab-shell/.gitlab_shell_secret.
This is all in contravention of the Debian Policy.
Suggested fixes:
The config.yml file should be stored in the package as a symlink to
/etc/gitlab-shell/config.yml or something similar. During the first
package installation, this should be setup as needed (including the
hostname), and during upgrades should be left alone.
The log file should not be stored in /usr/share but rather in
/var/log/gitlab.
The symlink should be in the package, and then the /var/lib/... file
setup as needed during the package configuration or running or
whatever is appropriate.
Best wishes,
Julian
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gitlab-shell depends on:
ii ruby 1:2.3.0+1
ii ruby2.1 [ruby-interpreter] 2.1.5-4
ii ruby2.2 [ruby-interpreter] 2.2.4-1
ii ruby2.3 [ruby-interpreter] 2.3.0-5
gitlab-shell recommends no packages.
gitlab-shell suggests no packages.
-- no debconf information
-- debsums errors found:
debsums: changed file /usr/share/gitlab-shell/config.yml (from gitlab-shell package)
More information about the Pkg-ruby-extras-maintainers
mailing list