From owner-freebsd-apache@FreeBSD.ORG Mon Jun 2 19:33:36 2014 Return-Path: Delivered-To: freebsd-apache@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6905A402; Mon, 2 Jun 2014 19:33:36 +0000 (UTC) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 259152BE2; Mon, 2 Jun 2014 19:33:35 +0000 (UTC) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 1CA9528431; Mon, 2 Jun 2014 21:33:26 +0200 (CEST) Received: from [192.168.1.2] (ip-89-177-49-222.net.upcbroadband.cz [89.177.49.222]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 0C88628426; Mon, 2 Jun 2014 21:33:25 +0200 (CEST) Message-ID: <538CD184.90002@quip.cz> Date: Mon, 02 Jun 2014 21:33:24 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9.1.19) Gecko/20110420 Lightning/1.0b1 SeaMonkey/2.0.14 MIME-Version: 1.0 To: Mark Felder Subject: Re: Mass cleansing of Apache module POLA violations References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-apache@freebsd.org X-BeenThere: freebsd-apache@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Support of apache-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2014 19:33:36 -0000 Mark Felder wrote: > Hi all, > > Thanks for maintaining Apache and friends. > > I have a request. With my sysadmin hat on, I find maintaining Apache on > FreeBSD to be the most frustrating Apache experience on the planet. Some > Apache modules insert LoadModule into your httpd.conf automatically, > some insert with it commented out (#LoadModule), and some tell you in > pkg-message what you need to do to activate the module. The > inconsistency here is embarrassing. > > Can we please stop trying to outsmart the sysadmin? > > - I do *NOT* want every installed Apache module automatically activated > on every server. That's bloat and potential security hole. I might not > actually need it activated. > - I do *NOT* want pkg automatically manipulating my httpd.conf. It puts > entries in the wrong spot, sometimes under custom comment sections where > other LoadModules live. > - I do *NOT* want pkg and Apache to outsmart me and break my systems. > - I *do* want kind, helpful instructions in pkg-message or perhaps > samples that aren't loaded by default waiting for me in > %%ETCDIR%%/modules.d/ +1 I wrote about this problem more than 16 months ago - without any change :( It is not only about Apache, this problem is in more ports. http://lists.freebsd.org/pipermail/freebsd-ports/2013-January/080320.html Miroslav Lachman