[Pkg-mediawiki-devel] Bug#570535: mediawiki shall update database using dpkg own account debian-sys-maint

George Shuklin amarao at desunote.ru
Fri Feb 19 16:49:26 UTC 2010 

Package: mediawiki
Version: 1:1.15.1-1
Severity: normal

Mediawiki right now become unsuable after upgrading (files are updated, database no).

Current SQL update process requied to make by hand AdminSettings.php file in /etc/mediawiki with sql sysop account data (including password) and run 
/usr/share/mediawiki/maintenance/update.php

But debian package system have it own password for database maintenance (debian-sys-maint). I think, updating script shall be runned by dpkg during 
updates, not by hands.

F.e., I someone have rights to do `sudo aptitude update` and have no any other rights (like SQL superuser or rights to write to /etc) we got situation 
of failed update (real root needed). 

Even if user will have right to write /etc, there is a big risk to open AdminSettings.php with plaintext password to other users.

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages mediawiki depends on:
ii  apache2            2.2.9-10+lenny6       Apache HTTP Server metapackage
ii  apache2-mpm-prefor 2.2.9-10+lenny6       Apache HTTP Server - traditional n
ii  debconf [debconf-2 1.5.24                Debian configuration management sy
ii  mime-support       3.44-1                MIME files 'mime.types' & 'mailcap
ii  php5               5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti
ii  php5-mysql         5.2.6.dfsg.1-1+lenny4 MySQL module for php5

Versions of packages mediawiki recommends:
ii  mysql-server       5.0.51a-24+lenny3     MySQL database server (metapackage
ii  mysql-server-5.0 [ 5.0.51a-24+lenny3     MySQL database server binaries
ii  php5-cli           5.2.6.dfsg.1-1+lenny4 command-line interpreter for the p

Versions of packages mediawiki suggests:
pn  clamav          <none>                   (no description available)
ii  imagemagick     7:6.3.7.9.dfsg2-1~lenny3 image manipulation programs
pn  mediawiki-math  <none>                   (no description available)
pn  memcached       <none>                   (no description available)
ii  php5-gd         5.2.6.dfsg.1-1+lenny4    GD module for php5

-- debconf information:
  mediawiki/webserver: apache2

More information about the Pkg-mediawiki-devel mailing list