summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortara%tequilarista.org <>2000-06-07 04:47:08 +0200
committertara%tequilarista.org <>2000-06-07 04:47:08 +0200
commitad903083e6acfd9c79502dc4c3e2048407d1b0e8 (patch)
treef02ab8c6e9ec8b0700d199ce23f83a7ba6af1177
parent4ae9e7f35aeccd0c20dc3eed49da90815b255b24 (diff)
downloadbugzilla-ad903083e6acfd9c79502dc4c3e2048407d1b0e8.tar.gz
bugzilla-ad903083e6acfd9c79502dc4c3e2048407d1b0e8.tar.xz
checking in 0.2.1 of the FAQ
-rw-r--r--docs/FAQ.html1238
1 files changed, 1238 insertions, 0 deletions
diff --git a/docs/FAQ.html b/docs/FAQ.html
new file mode 100644
index 000000000..01f9b9a4f
--- /dev/null
+++ b/docs/FAQ.html
@@ -0,0 +1,1238 @@
+<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
+<html>
+<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+ <meta name="Description" content="This is the unofficial Mozilla Webtools FAQ">
+ <meta name="Author" content="Matthew P. Barnson">
+ <meta name="GENERATOR" content="Mozilla/4.72 [en] (X11; I; Linux 2.2.15-0.25mdksmp i686) [Netscape]">
+ <title>The Unofficial Webtools FAQ v 0.2.1</title>
+</head>
+<body text="#000000" bgcolor="#FFFFFF" link="#0000EE" vlink="#551A8B" alink="#FF0000">
+
+<center>
+<h1>
+The Unofficial Webtools FAQ v 0.2.1</h1></center>
+The contents of this file are subject to the Mozilla Public License Version
+1.1 (the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at <a href="http://www.mozilla.org/MPL/">http://www.mozilla.org/MPL/</a>
+.&nbsp; Software distributed under the License is distributed on an "AS
+IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+the License for the specific language governing rights and limitations
+under the License.
+<p>The Original Code is "The Unofficial Webtools FAQ".
+<p>The Initial Developer of the Original Code is AtHome Corporation. Portions
+created by AtHome are Copyright &copy; 1995-2000 AtHome Corporation. All
+Rights Reserved. @Home, Excite@Home, @Work, and Excite are the trademarks
+of At Home Corporation, and may be registered in certain jurisdictions
+<p>Contributor(s):
+<ul>
+<li>
+<a href="mailto:mbarnson@excitehome.net">Matthew P. Barnson</a></li>
+
+<li>
+<a href="mailto:terry@mozilla.org">Terry Weissman</a></li>
+
+<li>
+<a href="mailto:tara@tequilarista.org">Tara Hernandez</a></li>
+</ul>
+Last change: April 10, 2000
+<p>Changes:
+<br>Version 0.2: Initial public release. (April 10, 2000)
+<br>Version 0.2.1: Fixed formatting, released as HTML.&nbsp; Also corrected
+incorrect fix for missing bugs from queries (it's syncshadowdb, not processmail)
+and information about bugzilla maintainers (April 10,2000)
+<br>Version 0.2.2:
+<ol>
+<li>
+Fixed mailto: links (they were showing up as "documents/"... weird)</li>
+
+<li>
+Added new sections:</li>
+
+<ol>
+<li>
+API notes (such as it is)</li>
+
+<li>
+common feature requests</li>
+
+<li>
+more FAQ's</li>
+
+<li>
+Fixed several tpyos</li>
+</ol>
+
+<li>
+Take into account recent submissions to the newsgroup</li>
+
+<li>
+Removed "Bugzilla Gotchas" section and integrated entries into "Bugzilla
+Bugs"</li>
+</ol>
+
+<p><br>Maintainer: <a href="mailto:mbarnson@excitehome.net">Matthew P.
+Barnson</a>
+<br>&nbsp;
+<center>
+<h2>
+Table of Contents</h2></center>
+
+<center><a href="#INTRODUCTION">INTRODUCTION</a>
+<br><a href="#BZGENERAL">BUGZILLA GENERAL</a>
+<br><a href="#BZINSTALLATION">BUGZILLA INSTALLATION</a>
+<br><a href="#BZCONFIGURATION">BUGZILLA CONFIGURATION</a>
+<br><a href="#BZSECURITY">--security</a>
+<br><a href="#BZEMAIL">--email</a>
+<br><a href="#BZDATABASE">--database</a>
+<br><a href="#BZNT">BUGZILLA and WINDOWS NT</a>
+<br><a href="#BZUSE">BUGZILLA USE</a>
+<br><a href="#BZKNOWNBUGS">BUGZILLA KNOWN BUGS</a>
+<br><a href="#BZHACKING">BUGZILLA HACKING</a>
+<br><a href="#BZAPI">--API</a>
+<br><a href="#TINDERBOX">TINDERBOX</a>
+<br><a href="#BONSAI">BONSAI</a></center>
+
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="INTRODUCTION"></a>INTRODUCTION</h2></center>
+
+<center>or "And all this time we thought we were *reducing* the number
+of bugs"</center>
+
+<hr WIDTH="100%">
+<br>The Unofficial Webtools FAQ is designed to answer common user questions
+outside the scope of the webtools README files and supporting documentation
+in an easy "question and answer" format. Where appropriate, this FAQ will
+refer to URLs rather than including documents in their entirety to ensure
+completeness even should this FAQ become out of date. This is a living
+document; please be sure to update your copy from the latest version available
+in the netscape.public.mozilla.webtools newsgroup before mirroring. As
+yet, there is no permanent home for the document other than the newsgroup.
+<p>This FAQ is not maintained by Netscape or Netscape employees, so please
+do not contact them regarding errors or omissions contained herein. Please
+direct all questions, comments, updates, flames, etc. to <a href="mailto:mbarnson@excitehome.net">Matthew
+P. Barnson </a>(barnboy or barnhome on irc.mozilla.org in #mozwebtools).
+<p>I'm sure I've made some glaring errors or omissions in this paper --
+please <a href="mailto:mbarnson@excitehome.net">email me</a> corrections
+or post corrections to the netscape.public.mozilla.webtools newsgroup.
+<p>Bugzilla attracts very intelligent, competent people who need a good
+bug-tracking system to support their projects, so I make a few assumptions
+in this FAQ:
+<ol>
+<li>
+You are using UNIX, or you use NT and have a high tolerance for pain.</li>
+
+<li>
+You are a competent systems administrator with a working knowledge of UNIX
+shells, security, Apache or Netscape/iPlanet web server, Perl, and MySQL.</li>
+
+<li>
+You are not easily frustrated, and have a strong ability to figure out
+answers to problems.</li>
+</ol>
+
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZGENERAL"></a>BUGZILLA GENERAL</h2></center>
+
+<center>or "It's not a bug.&nbsp; It's a feature."</center>
+
+<hr WIDTH="100%">
+<p><b><i>Q</i></b>: <i>Where can I find information about bugzilla?</i>
+<br><b><i>A</i></b>: You can stay up-to-date with the latest bugzilla information
+at <a href="http://www.mozilla.org/projects/bugzilla/">http://www.mozilla.org/projects/bugzilla/</a>.
+<p><b><i>Q</i></b>: <i>What license is Bugzilla distributed under?</i>
+<br><b><i>A</i></b>: Bugzilla is under the Mozilla Public License. See
+details at <a href="http://www.mozilla.org/MPL/">http://www.mozilla.org/MPL/</a>
+<p><b><i>Q:</i></b> <i>How do I get commercial support for Bugzilla?</i>
+<br><b><i>A</i></b>: As far as I know, there are not yet any companies
+that offer commercial Bugzilla support. However, I've heard there are consulting
+companies that will install and maintain a Bugzilla installation for charge,
+and would accept responsibility for it's upkeep. I'm not sure which large
+consulting firms do this yet -- I'm open to more contributions in this
+area.
+<p><b><i>Q</i></b>: <i>What major companies or projects are currently using
+Bugzilla for bug-tracking?</i>
+<br><b><i>A</i></b>: This is by no means a complete list, and is assembled
+from contributions and about 10 minutes of searching on AltaVista. Contributions
+welcome:
+<ul>
+<li>
+<a href="http://www.netscape.com/">Netscape/AOL</a></li>
+
+<li>
+<a href="http://www.mozilla.org/">Mozilla.org</a> (duh!)</li>
+
+<li>
+<a href="http://www.excitestores.com/">AtHome Corporation</a></li>
+
+<li>
+<a href="http://www.redhat.com/">Red Hat</a></li>
+
+<li>
+<a href="http://fenris.lokigames.com/">Loki Entertainment Software</a></li>
+
+<li>
+<a href="http://www.suse.com/">SuSe Corp</a></li>
+
+<li>
+<a href="http://www.horde.org/">The Horde Project</a></li>
+
+<li>
+<a href="http://www.eazel.com/">The Eazel Project</a></li>
+</ul>
+<b><i>Q</i></b>: <i>Who maintains Bugzilla?</i>
+<br><b><i>A</i></b>: <a href="mailto:tara@tequilarista.org">Tara Hernandez</a>
+is the current maintainer of Bugzilla. It was originally written and maintained
+by <a href="mailto:terry@mozilla.org">Terry Weissman</a>, but he is no
+longer heavily involved (Tara adds, "These days, <a href="mailto:terry@mozilla.org">Terry</a>
+just hangs around and heckles").&nbsp; The Quality Assurance contact for
+Bugzilla, who makes sure we don't get too far out of line is <a href="mailto:matty@box.net.au">Matthew
+Tuck</a>. You'll often hear from and about <a href="mailto:dmose@mozilla.org">Dan
+Mosedale </a>and <a href="mailto:endico@mozilla.org">Dawn Endico</a>. Check
+out their bios and responsibilities at <a href="http://www.mozilla.org/about.html">http://www.mozilla.org/about.html.</a>&nbsp;
+They bear primary responsibility for keeping the current bugzilla.mozilla.org
+site up-to-date, and have a vital interest in ensuring Bugzilla moves forward
+(and doesn't break!)
+<p><b><i>Q</i></b>: <i>Why does Bugzilla use .png files instead of .gifs
+for graphs?</i>
+<br><b><i>A</i></b>: Patent restrictions (see <a href="http://www.gnu.org/philosophy/gif.html">http://www.gnu.org/philosophy/gif.html</a>
+for details). If you're using a recent version of the GD library and a
+recent version of Bugzilla, this is no longer a FAQ.
+<p><b><i>Q</i></b>: <i>How does Bugzilla stack up against other bug-tracking
+databases?</i>
+<br><b><i>A</i></b>: As far as I know, there have been no feature-by-feature
+comparisons to other bug-tracking systems.&nbsp; Howeve, here are some
+primary reasons people cite for moving to Bugzilla:
+<ol>
+<li>
+Customizability</li>
+
+<li>
+Maintainability (quick security fixes and trivial upgrades)</li>
+
+<li>
+Industry support (<a href="http://www.mysql.com/">MySQL</a>, <a href="http://www.oracle.com/">Oracle</a>,
+instead of custom little <a href="http://www.sqlcourse.com/">SQL</a> DB)</li>
+
+<li>
+Adherence to web standards (<a href="http://web.golux.com/coar/cgi/">CGI</a>,
+<a href="http://www.perl.org/">Perl</a>,
+SQL)</li>
+
+<li>
+Speed, proven on very large installations (<a href="http://bugzilla.mozilla.org/">bugzilla.mozilla.org</a>)</li>
+
+<li>
+<a href="http://www.usenix.org/">UNIX</a>-based</li>
+
+<li>
+<a href="http://www.tuxedo.org/~esr/writings/cathedral-bazaar/cathedral-bazaar.html">Open
+Source</a>.</li>
+
+<li>
+Price.&nbsp; However, don't let price be the selling point of Bugzilla
+-- it survives on it's own merits.</li>
+</ol>
+<b><i>Q</i></b>: <i>How do I change my username in Bugzilla?</i>
+<br><b><i>A</i></b>: You can't, through the regular Bugzilla interfaces.
+You can do one of the following:
+<ol>
+<li>
+Create a new user account</li>
+
+<li>
+Change the Real Name associated with your login</li>
+
+<li>
+Manually <a href="#BZDATABASE">edit the database entry</a>.</li>
+</ol>
+<i><b>Q</b>:&nbsp; Why doesn't Bugzilla offer this or that feature or compatability
+with &lt;insert cool tracking software here>?</i>
+<br><b><i>A</i></b>:&nbsp; Terry writes,
+<blockquote>I wrote Bugzilla primarily for mozilla.org's use. It is a secondary
+concern (but one still important to me) that it be of use to other folks,
+too. So, rather than spend a lot of time making everything thoroughly portable
+and easy to install, I just threw it over the wall, and prayed that random
+developers would help pitch in and make things easier for everyone.(I'm
+being a little hard on myself here. I *did* spend a week porting the whole
+thing from TCL to Perl, just so that outside folk would have a chance of
+using it. You shoulda seen it before...)</blockquote>
+<b>UPDATE</b>: Bugzilla is making tremendous strides in usability, customizability,
+scalability, and user interfaces.&nbsp; It is widely considered the most
+complete and popular open-source bug database in existence.&nbsp; <a href="http://www.mozilla.org/bugs/source.html">Download
+a copy today!</a>
+<p><b><i>Q</i></b>: <i>Why MySQL? I'm interested in seeing this run on
+(insert "real" RDBMS name here)...</i>
+<br><b><i>A</i></b>: Terry answers,
+<blockquote>You're not the only one. But *I* am not very interested. I'm
+not real SQL or database person. I just wanted to make a useful tool, and
+build it on top of free software. So, I picked MySQL, and learned SQL by
+staring at the MySQL manual and some code lying around here, and
+<br>wrote Bugzilla. I didn't know that Enum's were non-standard SQL. I'm
+not sure if I would have cared, but I didn't even know. So, to me, things
+are "portable" because it uses MySQL, and MySQL is portable enough. I fully
+understand (now) that people want to be portable to other databases, but
+that's never been a real concern of mine.</blockquote>
+<b>UPDATED ANSWER</b>: Looks like RedHat might land changes real soon that
+will bring some more portability to Bugzilla.&nbsp; However, they are in
+severe need of help.&nbsp; Please contact <a href="mailto:dkl@redhat.com">dkl@redhat.com</a>
+if you are interested in helping this effort.
+<p><b><i>Q</i></b>: <i>Why do the scripts say "/usr/bonsaitools/bin/perl"
+instead of "/usr/bin/perl" or something else?</i>
+<br><b><i>A</i></b>: Mozilla.org uses /usr/bonsaitools/bin/perl. The prime
+rule in making submissions is "don't break bugzilla.mozilla.org". If it
+breaks it, your patch will be reverted faster than you can do a diff.&nbsp;&nbsp;
+Terry says:
+<blockquote>Purely my own convention. I wanted a place to put a version
+of Perl and other tools that was strictly under my control for the various
+webtools, and not subject to anyone else. Edit it to point to whatever
+you like.</blockquote>
+
+<p><br><b><i>Q</i></b>: <i>What about Red Hat Bugzilla?</i>
+<br><b><i>A</i></b>: <a href="http://www.redhat.com/">Red Hat</a> has a
+(arguably more user-friendly/customizable/scalable buzzword here) version
+of Bugzilla available. Check it out at <a href="http://bugzilla.redhat.com/">http://bugzilla.redhat.com
+</a>and
+the sources at <a href="ftp://people.redhat.com/dkl/">ftp://people.redhat.com/dkl/</a>.
+They've set theirs up to work with Oracle out of the box. The buzz says
+their changes will be landing in the source tree "real soon now".&nbsp;
+Note that it is based primarily upon the 2.8 Bugzilla tree; Bugzilla has
+made some tremendous advances since the 2.8 release.&nbsp; I recommend
+you download the primary Bugzilla as well as Red Hat's to check out the
+differences for yourself.&nbsp; Red Hat Bugzilla's maintainer, <a href="mailto:dkl@redhat.com">dkl@redhat.com</a>,
+when asked about landing the changes from the Red Hat fork, notes,
+<blockquote>Somebody needs to take the ball and run with it.&nbsp; I'm
+the only maintainer and am very pressed for time.</blockquote>
+
+<p><br><i><b>Q:&nbsp; </b>What about Loki Bugzilla?</i>
+<br><b><i>A</i></b>:&nbsp; Loki Games has a customized version of Bugzilla
+available at <a href="http://fenris.lokigames.com/">http://fenris.lokigames.com</a>.&nbsp;
+From that page,
+<blockquote>You may have noticed that Fenris is a fork from Bugzilla--
+our patches weren't suitable for integration --and a few people have expressed
+interest in the code. Fenris has one major improvement over Bugzilla, and
+that is individual comments are not appended onto a string blob, they are
+stored as a record in a separate table. This allows you to, for instance,
+separate comments out according to privilege levels in case your bug database
+could contain sensitive information not for public eyes. We also provide
+things like email hiding to protect user's privacy, additional fields such
+as 'user_affected' in case someone enters someone else's bug, comment editing
+and deletion, and more conditional system variables than Bugzilla does
+(turn off attachments, qacontact, etc.).</blockquote>
+Like Red Hat Bugzilla, I recommend if you are interested in their changes
+that you download the source and compare.
+<blockquote>&nbsp;</blockquote>
+
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZINSTALLATION"></a>BUGZILLA INSTALLATION</h2></center>
+
+<center>or "Divide by cucumber error.&nbsp; Please re-install universe
+and reboot."</center>
+
+<hr WIDTH="100%">
+<br><b><i>Q</i></b>: <i>How do I download and install Bugzilla?</i>
+<br><b><i>A</i></b>: The README included with Bugzilla documents the installation
+procedures much more thoroughly than I can do here. You can always find
+a current copy of the README in the distribution tarballs available at
+<a href="http://www.mozilla.org/projects/bugzilla/">http://www.mozilla.org/projects/bugzilla/
+</a>.&nbsp;
+This will eventually be documented in "The Bugzilla Installation Guide".
+<p><b><i>Q</i></b>:&nbsp; <i>How do I install Bugzilla on Windows NT?</i>
+<br><b><i>A</i></b>:&nbsp; That question is complex enough it deserves
+<a href="#BZNT">it's
+own section</a>, below.
+<p><i><b>Q:&nbsp; </b>Is there an easy way to change the Bugzilla cookie
+name?</i>
+<br><b><i>A</i></b>:&nbsp; At present, no.
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZCONFIGURATION"></a>BUGZILLA CONFIGURATION</h2></center>
+
+<center>or "make config. not war"</center>
+
+<hr WIDTH="100%">
+<br>&nbsp;
+<blockquote>
+<h3>
+<a NAME="BZSECURITY"></a>SECURITY</h3>
+</blockquote>
+<b><i>Q</i></b>:&nbsp; <i>How do I completely disable MySQL security if
+it's giving me problems (I've followed the instructions in the README!)?</i>
+<br><b><i>A:</i></b>&nbsp; Run mysql like this: "mysqld --skip-grant-tables".&nbsp;
+Please remember this makes mysql as secure as taping a $100 to the floor
+of a football stadium bathroom for safekeeping.&nbsp; Before you plan to
+put Bugzilla up for general consumption, you REALLY need to become familiar
+with <a href="http://www.mysql.com/Manual_chapter/manual_Privilege_system.html#Privilege_system">MySQL
+security</a>.
+<p><b><i>Q</i></b>: <i>Are there any security problems with Bugzilla?</i>
+<br><b><i>A</i></b>: Prior to 2.10, yes. For 2.10 and later, probably,
+but we haven't discovered them yet.. You should upgrade to 2.10 and use
+the following instructions from Chris Yeh's security advisory of 5/10/2000
+if you are running a previous version of bugzilla. Chances are good a lot
+of these permissions issues will make it into checksetup.pl.
+<br>It is recommended that you closely examine permissions on your Bugzilla
+installation. Make sure you are not running mysqld as root. Included is
+one person's examination of their local Bugzilla installation, and how
+they secured it:
+<p><tt><font size=-1>&nbsp; I closed-up some of the all-writeable files
+and directories. The code itself had to be modified to keep it from making
+directories and files world-writeable again... Once this was done, I felt
+confident that this install of bugzilla was running securely. (We don't
+run ftp, and mysql doesn't run as root). The setup we have is that apache
+runs as user 'nobody'. Directories being written into via CGI are therefore
+owner.group==nobody.nobody and only read/writable by user nobody, not world-writeable
+as before ... The *.cgi/*.pl/etc scripts (source) are owned by root.root
+and we can prevent CGI execution and HTTPD reading of the scripts by doing
+chmod go-rwx.... Finally, we prevent reading of the writeable directories
+by HTTP. (The security of this could further be improved by running bugzilla
+as user 'bugzilla' with same privs as 'nobody' but at least a different
+user than the webserver). I did the following to secure our install:</font></tt>
+<br><tt><font size=-1>(1) cd /home/httpd/bugzilla ensure all files owned
+root.root (other than ones in 'shadow' and 'data').</font></tt>
+<br><tt><font size=-1>(2) chmod go-rwx backdoor.cgi ; chmod go-rwx *.sh
+; chmod go-rwx printenv.cgi ; chmod go-rwx 0CGI.pl ; chmod go-rwx *~* ;
+chown -R nobody.nobody data ; chmod -R go-rwx data ; chown -R nobody.nobody
+shadow ; chmod -R go-rwx shadow</font></tt>
+<br><tt><font size=-1>(3) in emacs, in *.pl and *.cgi and processmail in
+bugzilla dir</font></tt>
+<br><tt><font size=-1>(etags *.cgi *.pl processmail) ... do: (tags-query-replace
+"umask 0" "umask 077" nil)</font></tt>
+<br><tt><font size=-1>(tags-query-replace "umask(0)" "umask(077)" nil)</font></tt>
+<br><tt><font size=-1>(tags-query-replace "0777" "0700" nil)</font></tt>
+<br><tt><font size=-1>(tags-query-replace "0666" "0600" nil)</font></tt>
+<br><tt><font size=-1>(4) re-enable bugzilla with /home/httpd/bug-track.conf
+set to:</font></tt>
+<br><tt><font size=-1>--------------------</font></tt>
+<br><tt><font size=-1>AddHandler cgi-script .cgi</font></tt>
+<br><tt><font size=-1>#</font></tt>
+<br><tt><font size=-1># setup ExecCGI'able directory alias from which we
+run</font></tt>
+<br><tt><font size=-1># "bugzilla" under URL "bugs"</font></tt>
+<br><tt><font size=-1>#</font></tt>
+<br><tt><font size=-1>Alias /bugs/ "/home/httpd/bugzilla/"</font></tt>
+<br><tt><font size=-1>&lt;Directory "/home/httpd/bugzilla"></font></tt>
+<br><tt><font size=-1>Options Indexes ExecCGI</font></tt>
+<br><tt><font size=-1>AllowOverride None</font></tt>
+<br><tt><font size=-1>Order allow,deny</font></tt>
+<br><tt><font size=-1>Allow from all</font></tt>
+<br><tt><font size=-1>&lt;/Directory></font></tt>
+<br><tt><font size=-1>--------------------</font></tt>
+<br><tt><font size=-1>(5) add to /home/httpd/bug-track.conf (prevent cgi
+from being</font></tt>
+<br><tt><font size=-1>written into data or shadow directories, and prevent
+contents from</font></tt>
+<br><tt><font size=-1>being read):</font></tt>
+<p><tt><font size=-1>--------------------</font></tt>
+<p><tt><font size=-1>&lt;Directory "/home/httpd/bugzilla/data"></font></tt>
+<br><tt><font size=-1>Options None</font></tt>
+<br><tt><font size=-1>AllowOverride None</font></tt>
+<br><tt><font size=-1>Deny from all</font></tt>
+<br><tt><font size=-1>&lt;/Directory></font></tt>
+<p><tt><font size=-1>&lt;Directory "/home/httpd/bugzilla/shadow"></font></tt>
+<br><tt><font size=-1>Options None</font></tt>
+<br><tt><font size=-1>AllowOverride None</font></tt>
+<br><tt><font size=-1>Deny from all</font></tt>
+<br><tt><font size=-1>&lt;/Directory></font></tt>
+<p><tt><font size=-1>--------------------</font></tt>
+<p><tt><font size=-1>(6) I noticed that my non-superuser-$PATH had wound
+up in apache's GGI</font></tt>
+<br><tt><font size=-1>environment... that $PATH included "." so that could
+have been a security-exploit-in-waiting right there... so remember, when
+restarting apache on servers, do (in tcsh anyways):</font></tt>
+<br><tt><font size=-1>unsetenv *</font></tt>
+<br><tt><font size=-1>prior to doing</font></tt>
+<br><tt><font size=-1>apachectl stop</font></tt>
+<br><tt><font size=-1>&lt;wait></font></tt>
+<br><tt><font size=-1>apachectl start</font></tt>
+<p><i><b>Q</b>: I've implemented the security fixes mentioned in Chris
+Yeh's security advisory of 5/10/2000 advising not to run MySQL as root,
+and am running into problems with MySQL no longer working correctly.</i>
+<br><b><i>A</i></b>: Mozilla.org had a problem getting enough file descriptors
+once they stopped running mysql as root; they have many tables in their
+database and had "shadowdb" turned on, which doubles the number of tables.
+Terry mentioned in IRC: "I added the line "ulimit -n unlimited" to the
+/bin/sh script in /etc/init.d that starts mysqld." That should fix ulimit
+problems with MySQL.
+<br>&nbsp;
+<blockquote>
+<h3>
+<a NAME="BZEMAIL"></a>EMAIL</h3>
+</blockquote>
+
+<p><br><i><b>Q</b>: I have a user who doesn't want to receive any more
+email from Bugzilla. How do I stop it entirely for this user?</i>
+<br><b><i>A</i></b>: Easy. Add his/her login name to "bugzilla_home/data/nomail".
+One entry per line. It must match the login name exactly.
+<br><b>UPDATE</b>:&nbsp; I'm not sure this works as advertised...&nbsp;
+Anyone know of any bugs with this solution?
+<p><i><b>Q</b>: I'm evaluating/testing Bugzilla, and don't want it to send
+email to anyone but me. How do I do it?</i>
+<br><b><i>A</i></b>: According to Terry, the *correct* way to do this is,
+in editparams.cgi: "Go tweak the param for the mail text, replacing "To:"
+with "X-Real-To:", and replacing "Cc:" with "X-Real-CC", and add a "To:
+(myemailaddress)". This param file can also be manually edited bugzilla_home/data/params
+(but is not recommended).
+<p><b><i>Q</i></b>: <i>I want whineatnews.pl to whine at something more,
+or other than, only new bugs. How do I do it?</i>
+<br><b><i>A</i></b>: Try Klaas Freitag's excellent patch for "whineatassigned"
+functionality. You can find it at <a href="http://bugzilla.mozilla.org/show_bug.cgi?id=6679">http://bugzilla.mozilla.org/show_bug.cgi?id=6679</a>.
+Realize that as Bugzilla progresses, this patch may go out of date. At
+present, I know of no plans to integrate this functionality into the core
+Bugzilla distribution.
+<p><b><i>Q</i></b>: <i>I don't like/want to use Procmail to handle email
+to bugzilla. What else can I use?</i>
+<br><b><i>A</i></b>:&nbsp; Bugzilla can work with alternate MTA's/filters,
+but there is no documentation how.
+<p><b><i>Q</i></b>: <i>How do I set up the email interface to submit/change
+bugs via email?</i>
+<br><b><i>A</i></b>: Download the tarball or CVS and extract it (if applicable).
+CD to the (bugzilla_home)/contrib directory, and read the README contained
+therein. Seth will be pulling his changes (the bugzilla email submission
+stuff) into the main tree sometime as soon as he gets the OK from the powers-that-be.
+Procmail is included by default on most Linux distributions, and if you
+use the bugzilla.procmailrc file as the .procmailrc for the user bugzilla
+runs as, it works pretty quickly.
+<br>My setup is a little different from the standard way of doing things.
+Here's what I do:
+<ol>
+<li>
+cd (bugzilla_home, wherever that is)</li>
+
+<li>
+chmod 775 contrib</li>
+
+<li>
+chmod 644 contrib/*</li>
+
+<li>
+chmod 755 contrib/*.pl</li>
+
+<li>
+chmod 777 data</li>
+
+<li>
+chmod -R 775 data/mimedump-tmp</li>
+
+<li>
+chmod -R 775 data/mining</li>
+
+<li>
+vi /etc/aliases: add&nbsp; 'bugs: | "/usr/bin/procmail -m /etc/procmailrcs/bugs"'</li>
+
+<li>
+cp /usr/local/bugzilla/contrib/bugzilla.procmailrc /etc/procmailrcs/bugs</li>
+
+<li>
+chmod 775 /etc/procmailrcs/bugs</li>
+
+<li>
+And, in my case, since we use Linux-Mandrake most everywhere (which includes
+some extra security options), I also had to "ln -s /usr/bin/procmail /etc/smrsh/procmail.&nbsp;
+smrsh is a way to prevent people from running any applications over Sendmail
+unless you specify it in this directory.&nbsp; YMMV.</li>
+</ol>
+If you've followed the README, you should be good to go; send an email
+to "bugs@my.host.name" and watch it work.
+<p><b><i>Q</i></b>: <i>Email takes FOREVER to reach me from bugzilla --
+it's extremely slow. What gives?</i>
+<br><b><i>A</i></b>: If you are using an alternate Mail Transport Agent
+(MTA other than sendmail), make sure the options given in the "processmail"
+script for all instances of "sendmail" are correct for your MTA. If you
+are using Sendmail, you may wish to delete the "-ODeliveryMode=deferred"
+option in the "processmail" script for every invocation of "sendmail".
+(Be sure and leave the "-t" option, though!)&nbsp; This option is put into
+the code to handle the massive mail delivery load bugzilla.mozilla.org
+gets -- but most of us don't need it.&nbsp; We're lobbying to make it a
+settable parameter.&nbsp; Realize if you turn this off, and plan on sending
+more than a few hundred email messages a day, people may experience nasty
+slowdowns when submitting changes to bugs because Sendmail insists on delivering
+it *that instant*.
+<p><b><i>Q</i></b>: <i>Email never reaches me from bugzilla changes! What
+gives?</i>
+<br><b><i>A</i></b>: Chances are really good Bugzilla expects "sendmail"
+to live somewhere else than you have it installed. Make sure your "sendmail"
+lives in, or has a symlink to, "/usr/lib/sendmail".
+<br>&nbsp;
+<blockquote>
+<h3>
+<a NAME="BZDATABASE"></a>DATABASE</h3>
+</blockquote>
+<b><i>Q</i></b>: <i>I've heard Bugzilla can be used with Oracle?</i>
+<br><b><i>A</i></b>: <a href="http://bugzilla.redhat.com/">Red Hat Bugzilla</a>
+works with Oracle.&nbsp; The current mozilla.org version takes some work,
+though.
+<p><b><i>Q:</i></b> <i>Bugs are missing from queries, but exist in the
+database (and I can pull them up by specifying the bug ID). What's wrong?</i>
+<br><b><i>A</i></b>: You've almost certainly enabled the "shadow database",
+but for some reason it hasn't been updated for all your bugs. This is the
+database against which queries are run, so that really complex or slow
+queries won't lock up portions of the database for other users. You can
+turn off the shadow database in editparams.cgi. If you wish to continue
+using the shadow database, then as your "bugs" user run "./syncshadowdb
+-syncall" from the command line in the bugzilla installation directory
+to recreate your shadow database. After it finishes, be sure to check the
+params and make sure that "queryagainstshadowdb" is still turned on. The
+syncshadowdb program turns it off if it was on, and is supposed to turn
+it back on when completed; that way, if it crashes in the middle of recreating
+the database, it will stay off forever until someone turns it back on by
+hand. Apparently, it doesn't always do that yet.
+<p><b>Q</b>: <i>I think my database might be corrupted, or contain invalid
+entries. What do I do?</i>
+<br>A: Run the "sanity check" utility (./sanitycheck.cgi in the bugzilla_home
+directory) to see! If it all comes back, you're OK.&nbsp; If it doesn't
+come back OK (i.e. any red letters), there are certain things Bugzilla
+can recover from and certain things it can't.&nbsp; If it can't auto-recover,
+I hope you're familiar with mysqladmin commands or have installed another
+way to manage your database...
+<p><b><i>Q</i></b>: <i>I want to manually edit some entries in my database.
+How?</i>
+<br><b>A</b>: There is no facility in Bugzilla itself to do this. It's
+also generally not a smart thing to do if you don't know exactly what you're
+doing. However, if you understand SQL you can use the mysqladmin utility
+to manually insert, delete, and modify table information. Personally, I
+hate dealing with big SELECT statements and such, so I use "<a href="http://www.phpwizard.net/phpMyAdmin/">phpMyAdmin</a>",
+to do all my database administration. You have to compile a PHP module
+with MySQL support to make it work, but it's very clean and easy to use.&nbsp;
+There are other utilities that work, as well, but I am lacking URL's.
+<p><b>Q</b>: <i>MySQL GPL edition doesn't seem to work...</i>
+<br><b><i>A</i></b>: Right! It doesn't! It's too old. Download the latest
+tarball or rpm from <a href="http://www.mysql.com/">www.mysql.com</a> if
+you want this to work.
+<p><b><i>Q</i></b>: <i>I think I've set up MySQL permissions correctly,
+but bugzilla still can't connect.</i>
+<br><b><i>A</i></b>: Try running MySQL from it's binary: "mysqld --skip-grant-tables".
+This will allow you to completely rule out grant tables as the cause of
+your frustration. However, I do not recommend you run it this way on a
+regular basis, unless you really want your web site defaced and your machine
+cracked...
+<p><b><i>Q</i></b>: <i>How do I synchronize bug information among multiple
+different Bugzilla databases?</i>
+<br><b><i>A</i></b>: Currently, there is no way to do this. However, a
+discussion about this has raged on and off in the newsgroup -- feel free
+to whip something up, put it out there, and see how it's received. We're
+at the point where most folks are sick of discussion. If you can create
+a working model with working code, that's 90% of the battle.
+<p><i><b>Q:&nbsp; </b>I get bizarre errors when trying to submit data,
+particularly problems with "groupset".&nbsp; What gives?</i>
+<br>A:&nbsp; If you're sure your MySQL parameters are correct, you might
+want turn "strictvaluechecks" OFF in editparams.cgi.&nbsp; If you have
+"usebugsentry" set "On", you also cannot submit a bug as readable by more
+than one group with "strictvaluechecks" ON.
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZNT"></a>BUGZILLA AND WINDOWS NT</h2></center>
+
+<center>or "Welcome to Microsoft, where we put the 'NT' in "CAN'T"!</center>
+
+<hr WIDTH="100%">
+<p>Right now, running Bugzilla under Windows NT is an extremely hairy process.
+I'll provide the instructions below, but please don't ask me how it's done
+-- getting this working on NT involves a lot of patience, skill, and PFM
+(Pure Fscking Magic). As far as I know, nobody has been able to get a recent
+(2.8 or post) version of Bugzilla running on NT. If you know different,
+or can provide updated instructions to those provided below, please email
+<a href="mailto:mbarnson@excitehome.net">Matthew
+Barnson</a> with details.
+<br>These are hints straight out of the newsgroup discussions.&nbsp; I
+can't offer much more editing or insight, since I don't manage Bugzilla
+on any NT boxes.
+<p><b><i>Q</i></b>: <i>What is the easiest way to run Bugzilla on NT?</i>
+<br><b><i>A</i></b>: Remove NT. Install Linux. Slap a label on the box
+that says "Windows NT." The boss will never know the difference, except
+perhaps wonder why the machine isn't crashing anymore.
+<p><b><i>Q</i></b>: <i>CGI's are failing with a "something.cgi is not a
+valid Windows NT application" error. Why?</i>
+<br><b><i>A:</i></b> Depending on what Web server you are using, you will
+have to configure the Web server to treat *.cgi files as CGI scripts. In
+IIS, you do this by adding *.cgi to the App Mappings with the &lt;path>\perl.exe
+%s %s as the executable.
+<br>...or this tip from Microsoft's web site...
+<br>"Set application mappings. In the ISM, map the extension for the script
+file(s) to the executable for the script interpreter. For example, you
+might map the extension .py to Python.exe, the executable for the Python
+script interpreter. Note For the ActiveState Perl script interpreter, the
+extension .pl is associated with PerlIS.dll by default. If you want to
+change the association of .pl to perl.exe, you need to change the application
+mapping. In the mapping, you must add two percent (%) characters to the
+end of the pathname for perl.exe, as shown in this example: c:\perl\bin\perl.exe
+%s %s"
+<p><b><i>Q</i></b>: <i>Can I have some general instructions on how to make
+this work?</i>
+<br><b><i>A</i></b>: Sure. Your Mileage May Vary. Contact <a href="mailto:andrew_lahser@merck.com">Andrew
+Lahser&nbsp; </a>for the patches mentioned. He may decide to kill me for
+saying that, though...
+<ol>
+<li>
+#!C:/perl/bin/perl had to be added to every perl file.</li>
+
+<li>
+Converted to Net::SMTP to handle mail messages instead of /usr/bin/sendmail.</li>
+
+<li>
+The crypt function isn't available on Windows NT (at least none that I
+am aware), so I made encrypted passwords = plaintext passwords.</li>
+
+<li>
+The system call to diff had to be changed to the Cygwin diff.</li>
+
+<li>
+This was just to get a demo running under NT, it seems to be working good,
+and I have inserted almost 100 bugs from another bug tracking system. Since
+this work was done just to get an in-house demo, I am NOT planning on making
+a patch for submission to Bugzilla. If you would like a zip file, let me
+know.</li>
+</ol>
+<b><i>Q</i></b>: <i>Hmm, couldn't figure it out from the general instructions
+above.&nbsp; How about step-by-step?</i>
+<br><b><i>A</i></b>: Sure! Here ya go!
+<ol>
+<li>
+Install IIS 4.0 from the NT Option Pack #4.</li>
+
+<li>
+Download and install Active Perl.</li>
+
+<li>
+Install the Windows GNU tools from Cygwin. Make sure to add the bin directory
+to your system path. (Everyone should have these, whether they decide to
+use Bugzilla or not. :-) )</li>
+
+<li>
+Download relevant packages from ActiveState at http://www.activestate.com/packages/zips/.
++ DBD-Mysql.zip</li>
+
+<li>
+Extract each zip file with WinZip, and install each ppd file using the
+notation: ppm install &lt;module>.ppd</li>
+
+<li>
+Install Mysql.&nbsp; *Note: If you move the default install from c:\mysql,
+you must add the appropriate startup parameters to the NT service. (ex.
+-b e:\\programs\\mysql)</li>
+
+<li>
+Download any Mysql client. http://www.mysql.com/download_win.html</li>
+
+<li>
+Setup MySql. (These are the commands that I used.)</li>
+
+<ol>&nbsp;
+<br>I. Cleanup default database settings.
+<br>&nbsp;C:\mysql\bin\mysql -u root mysql
+<br>&nbsp;mysql> DELETE FROM user WHERE Host='localhost' AND User='';
+<br>&nbsp;mysql> quit
+<br>C:\mysql\bin\mysqladmin reload
+<p>II. Set password for root.
+<br>&nbsp;C:\mysql\bin\mysql -u root mysql
+<br>&nbsp;mysql> UPDATE user SET Password=PASSWORD('new_password')
+<br>&nbsp;WHERE user='root';
+<br>&nbsp;mysql> FLUSH PRIVILEGES;
+<br>&nbsp;mysql> quit
+<br>&nbsp;C:\mysql\bin\mysqladmin -u root reload
+<p>III. Create bugs user.
+<br>&nbsp;C:\mysql\bin\mysql -u root -p
+<br>&nbsp;mysql> insert into user (host,user,password) values('localhost','bugs','');
+<br>&nbsp;mysql> quit
+<br>&nbsp;C:\mysql\bin\mysqladmin -u root reload
+<p>IV. Create the bugs database.
+<br>&nbsp;C:\mysql\bin\mysql -u root -p
+<br>&nbsp;mysql> create database bugs;
+<p>V. Give the bugs user access to the bugs database.
+<br>&nbsp;mysql> insert into db (host,db,user,select_priv,insert_priv,update_priv,delete_priv,create_priv,drop_priv)
+values('localhost','bugs','bugs','Y','Y','Y','Y','Y','N')
+<br>&nbsp;mysql> quit
+<br>&nbsp;C:\mysql\bin\mysqladmin -u root reload</ol>
+
+<li>
+Run the table scripts to setup the bugs database.</li>
+
+<li>
+Change CGI.pm to use the following regular expression because of differing
+backslashes in NT versus UNIX.</li>
+
+<ul>
+<li>
+$0 =~ m:[^\\]*$:;</li>
+</ul>
+
+<li>
+Had to make the crypt password = plain text password in the database. (Thanks
+to Andrew Lahser" &lt;andrew_lahser@merck.com>" on this one.) The files
+that I changed were:</li>
+
+<ul>
+<li>
+globals.pl</li>
+
+<li>
+CGI.pl</li>
+
+<li>
+alternately, you can try commenting all references to 'crypt' string and
+replace them with similar lines but without encrypt() or crypr() functions
+insida all files.</li>
+</ul>
+
+<li>
+Replaced sendmail with Windmail. Basically, you have to come up with a
+sendmail substitute for NT. Someone said that they used a Perl module (Net::SMTP),
+but I was trying to save time and do as little Perl coding as possible.</li>
+
+<li>
+Added "perl" to the beginning of all Perl system calls that use a perl
+script as an argument and renamed processmail to processmail.pl.</li>
+
+<li>
+In processmail.pl, I added binmode(HANDLE) before all read() calls. I'm
+not sure about this one, but the read() under NT wasn't counting the EOLs
+without the binary read."</li>
+</ol>
+<b><i>Q</i></b>: <i>I'm having trouble with the perl modules for NT not
+being able to talk to to the database...</i>
+<br><b><i>A:</i></b> Your modules may be outdated or inaccurate...
+<ol>
+<li>
+Try hitting http://www.activestate.com/ActivePerl</li>
+
+<li>
+Download ActivePerl from there.</li>
+
+<br>After that:
+<li>
+go to your prompt</li>
+
+<li>
+type 'ppm'</li>
+
+<li>
+PPM> install DBI DBD-mysql GD</li>
+</ol>
+I reckon TimeDate and Data::Dumper come with the activeperl. You can check
+the ActiveState site for packages for installation through PPM. [http://www.activestate.com/Packages/]
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZUSE"></a>BUGZILLA USE</h2></center>
+
+<center>or "Keyboard: Device used for entering errors into computer"</center>
+
+<hr WIDTH="100%">
+<p><b><i>Q</i></b>: <i>How do I use "new email tech"?</i>
+<br><b><i>A</i></b>: First, go to editparams.cgi and make sure the "newemailtech"
+option is set to "on", then set the "new email tech" option in your personal
+user prefs "on".
+<p><b>Q</b>: <i>How do I make "new email tech" the default for my entire
+site?</i>
+<br><b><i>A</i></b>: You need to alter the user preferences table using
+one of the tools mentioned in the <a href="#BZDATABASE">DATABASE section</a>.
+Change the default value for "newemailtech" to "1", and change any user
+values you think apply.
+<p><b><i>Q</i></b>: <i>I'm confused by the behavior of the "accept" button
+in the Show Bug form. Why doesn't it assign the bug to me when I accept
+it?</i>
+<br><b><i>A</i></b>: Right now, how this should behave is the subject of
+considerable discussion on the mailing list and in the bug database. There
+is a <a href="http://bugzilla.mozilla.org/show_bug.cgi?id=25273">patch
+</a>for this, and a lot of talk. Tara has this to say:
+<blockquote>"I think I put this in the main bug itself, but I have to admit
+I *really* don't like the whole "accept" thing at this point. I especially
+am completely against anything that changes the current functionality,
+and am only moderately placated by the idea of seperate additional functionality.
+IMHO Bugzilla is getting so kludgy that all we're doing is making things
+harder and harder to understand and maintain, not to mention adding additional
+fields to an already almost overwhelming query form. For now I'm going
+to have to make people who want this suffer through sharing patches until
+I come up with a course of action on it."</blockquote>
+<b></b>
+<p><br><b>Q:&nbsp; </b><i>How do I enable voting?</i>
+<br><b><i>A</i></b>:&nbsp; Make sure you're using at least version 2.10.&nbsp;
+It's available via editparams.cgi.
+<p><i><b>Q:&nbsp; </b>I can't upload anything into the database via the
+"Create Attachment" link.&nbsp; What am I doing wrong?</i>
+<br><b><i>A</i></b>:&nbsp; The most likely cause is a very old browser
+or a browser that is incompatible with file upload via POST.&nbsp; Download
+the latest Netscape or Microsoft browser to handle uploads correctly.
+<br>&nbsp;
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZKNOWNBUGS"></a>BUGZILLA KNOWN BUGS</h2></center>
+
+<center>or "These are all 'known bugs'. Whats the frickin' problem?"</center>
+
+<hr WIDTH="100%">
+<p><b><i>Q</i></b>:&nbsp; <i>What bugs currently exist in bugzilla?</i>
+<br><b><i>A</i></b>:&nbsp; The answer is too long (and easily outdated)
+to keep in this FAQ.&nbsp; However, bugzilla is made for this, so just
+try <a href="http://bugzilla.mozilla.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&email1=&emailtype1=substring&emailassigned_to1=1&email2=&emailtype2=substring&emailreporter2=1&bugidtype=include&bug_id=&changedin=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&product=Webtools&component=Bugzilla&short_desc=&short_desc_type=substring&long_desc=&long_desc_type=substring&bug_file_loc=&bug_file_loc_type=substring&status_whiteboard=&status_whiteboard_type=substring&keywords=&keywords_type=anywords&field0-0-0=noop&type0-0-0=noop&value0-0-0=&order=bugs.bug_id">this
+link</a>.
+<p><b><i>Q</i></b>:&nbsp; <i>Groups don't quite work right yet...</i>
+<br><b><i>A</i></b>:&nbsp; Correct.&nbsp; That's a current area of hacking.&nbsp;
+You may want to check out Loki's version of Bugzilla for some patches that
+support the group functionality you need.
+<p><i><b>Q</b>:&nbsp; Why can't I set "target milestone" to something other
+than a number?</i>
+<br><b><i>A</i></b>:&nbsp; The concept of a target milestone was initially
+that each group would have their own definition for what each target milestone
+number is, but share a common pool of numbers.&nbsp; Unfortunately, this
+concept has proven confusing for new and experienced users alike.&nbsp;
+Someone needs to pick up the ball and run with "target milestone" so it
+has the following features:
+<ul>
+<li>
+Each Product can have milestone names independent of the other projects</li>
+
+<li>
+Each Product can use numbers or names for arbitrary milestones</li>
+
+<li>
+There must be a clean way to define these milestones without a ridiculously
+complex params file</li>
+</ul>
+<i><b>Q:&nbsp; </b>Why shouldn't I delete bugs?</i>
+<br><i>A</i>:&nbsp; If you allow bug deletion, you run the risk of screwing
+up dependencies in your database.&nbsp; While these aren't always critical,
+it's sometimes tought to repair.&nbsp; I recommend you do not allow bug
+deletion.
+<br>&nbsp;
+<br>&nbsp;
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BZHACKING"></a>BUGZILLA HACKING</h2></center>
+
+<center>or "Who's this General Failure guy, and why is he trying to read
+my hard drive?"</center>
+
+<hr WIDTH="100%">
+<p><b><i>Q</i></b>: <i>What's the best way to submit patches?&nbsp; What
+guidelines should I follow.</i>
+<br>A:&nbsp; Tara summed this FAQ up nicely:
+<blockquote>"Well, I guess I'd better answer this, as I'm the one who's
+supposed to be in charge of this stuff...
+<br>I say, if you have a patch that is a bug fix or feature enhancement,
+log a bug and attach the patch.&nbsp; I've inherited almost 300 bugs from
+the ownership transition, so I can't guarantee how soon I'll get to it,
+but I'm steadily working my way through the bug list and trying to pay
+special attention to all bugs that do come with patches. Secondly, if you'd
+like faster feedback or better exposure, I'd post the bug number URL to
+the newsgroup so more people can have a look and provide feedback, suggestions,
+etc.&nbsp; That way I think all bases are covered. Speaking for myself
+in trying to be a good module owner, getting a new bug makes sure I
+<br>don't lose track of your patch, so this makes it easier for me."</blockquote>
+<i><b>Q</b>:</i>&nbsp; <i>What does the above mean for me when I want to
+submit a bug?</i>
+<br><b><i>A</i></b>:&nbsp; Follow this procedure:
+<ol>
+<li>
+<a href="http://bugzilla.mozilla.org/enter_bug.cgi?product=Webtools">Enter
+a bug</a> into bugzilla.mozilla.org for the "Webtools" product, "Bugzilla"
+component.</li>
+
+<li>
+Upload your patch as a unified DIFF (or new source file) by clicking "Create
+a new attachment" link on the bug page you've just created, and include
+any descriptions of database changes you may make, into the bug ID you
+submitted in step #1.</li>
+
+<li>
+Announce your patch and the associated URL (http://bugzilla.mozilla.org/show_bug.cgi?id=XXXX)
+for discussion in the <a href="news://news.mozilla.org/netscape.public.mozilla.webtools">newsgroup</a>
+(netscape.public/mozilla.webtools).&nbsp; You'll get a really good, fairly
+immediate reaction to the implications of your patch, which will also give
+Tara an idea how well-received the change would be.</li>
+
+<li>
+If it passes muster with minimal modification, Tara will put it into CVS.&nbsp;
+If you submit enough really good patches (I have no idea how much "enough"
+is), you may be granted CVS write access.</li>
+
+<li>
+Bask in the glory of the fact that YOU helped write the most successful
+open-source bug-tracking software on the planet :)</li>
+</ol>
+
+<blockquote>
+<h3>
+<a NAME="BZAPI"></a>API</h3>
+</blockquote>
+<b><i>Q</i></b>:&nbsp; <i>I want to add a new form or module to Bugzilla.&nbsp;
+Where can I find API documention?</i>
+<br>A:&nbsp; Right now, there really is none.&nbsp; I plan on writing copious
+documentation for what each file and module does, as well how to program
+new .cgi's to use the functionality and present alternate interfaces.
+<p>CGI scripts:
+<ul>
+<li>
+backdoor.cgi</li>
+
+<li>
+buglist.cgi</li>
+
+<li>
+changepassword.cgi</li>
+
+<li>
+colchange.cgi</li>
+
+<li>
+createaccount.cgi</li>
+
+<li>
+createattachment.cgi</li>
+
+<li>
+describecomponents.cgi</li>
+
+<li>
+describekeywords.cgi</li>
+
+<li>
+doeditparams.cgi</li>
+
+<li>
+doeditvotes.cgi</li>
+
+<li>
+editcomponents.cgi</li>
+
+<li>
+editgroups.cgi</li>
+
+<li>
+editkeywords.cgi</li>
+
+<li>
+editmilestones.cgi</li>
+
+<li>
+editparams.cgi</li>
+
+<li>
+editproducts.cgi</li>
+
+<li>
+editusers.cgi</li>
+
+<li>
+editversions.cgi</li>
+
+<li>
+enter_bug.cgi</li>
+
+<li>
+long_list.cgi</li>
+
+<li>
+new_comment.cgi</li>
+
+<li>
+post_bug.cgi</li>
+
+<li>
+process_bug.cgi</li>
+
+<li>
+query.cgi</li>
+
+<li>
+relogin.cgi</li>
+
+<li>
+reports.cgi</li>
+
+<li>
+sanitycheck.cgi</li>
+
+<li>
+show_activity.cgi</li>
+
+<li>
+show_bug.cgi</li>
+
+<li>
+showattachment.cgi</li>
+
+<li>
+showdependencygraph.cgi</li>
+
+<li>
+showdependencytree.cgi</li>
+
+<li>
+showvotes.cgi</li>
+
+<li>
+userprefs.cgi</li>
+</ul>
+PM/pl modules:
+<ul>
+<li>
+contrib/BugzillaEmail.pm</li>
+
+<li>
+contrib/bug_email.pl</li>
+
+<li>
+contrib/bugzilla_email_append.pl</li>
+
+<li>
+contrib/gnats2bz.pl</li>
+
+<li>
+CGI.pl</li>
+
+<li>
+bug_form.pl</li>
+
+<li>
+checksetup.pl</li>
+
+<li>
+collectstats.pl</li>
+
+<li>
+defparams.pl</li>
+
+<li>
+globals.pl</li>
+
+<li>
+whineatnews.pl</li>
+
+<li>
+RelationSet.pm</li>
+</ul>
+HTML:
+<ul>
+<li>
+contrib/bugmail_help.html</li>
+
+<li>
+booleanchart.html</li>
+
+<li>
+bug_status.html</li>
+
+<li>
+bugwritinghelp.html</li>
+
+<li>
+confirmhelp.html</li>
+
+<li>
+help.html</li>
+
+<li>
+helpemailquery.html</li>
+
+<li>
+how_to_mail.html</li>
+
+<li>
+index.html</li>
+
+<li>
+newquip.html</li>
+
+<li>
+notargetmilestone.html</li>
+
+<li>
+votehelp.html</li>
+</ul>
+
+<p><br><b><i>Q</i></b>: What are the most-needed features?
+<br><b><i>A</i></b>:&nbsp; Check out the Bugzilla Development Roadmap at
+<a href="http://www.mozilla.org/projects/bugzilla/roadmap.html">http://www.mozilla.org/projects/bugzilla/roadmap.html</a>
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="TINDERBOX"></a>TINDERBOX</h2></center>
+
+<center>or "Friendly Fire... isn't"</center>
+
+<hr WIDTH="100%">
+<br>I don't use it yet -- anybody have good FAQ's for this area?
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="BONSAI"></a>BONSAI</h2></center>
+
+<center>or "I like to climb trees and eat peanut butter with a spatula
+while singing operas."</center>
+
+<hr WIDTH="100%">
+<br>Same as Tinderbox. But these are still part of webtools, so they need
+to be here for completeness.
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+<a NAME="MAINTAINER"></a>MAINTAINER &amp; THIS DOCUMENT</h2></center>
+
+<hr WIDTH="100%">
+<p><i><b>Q:&nbsp; </b>Why do you use this antiquated format for maintaining
+the FAQ, instead of FAQ-O-Matic or (insert cool FAQ program here)</i>
+<br><b><i>A:&nbsp; </i></b>I'm actively seeking a better way to maintain
+this.&nbsp; It's easily maintainable in it's current form, but as it grows
+it will become much less so.&nbsp; I'm interested in more options, but
+don't want to lose control of the FAQ or be subjected to a page that's
+a nest of hyperlinks and unprintable.&nbsp; The FAQ-O-Matic tends to create
+FAQ's that cannot be easily printed as one page, and not easily portable
+to another format (particulary PDF).&nbsp; One must be able to maintain
+the FAQ as a single, printable document; if you know of a good system that
+will fit the bill, let me know.
+<p><b><i>Q</i></b>: <i>Who are you?</i>
+<br><b><i>A</i></b>:&nbsp; I'm Matthew P. Barnson, manager of Systems Administration
+for <a href="http://www.excitestores.com">Excite@Home E-Business Services
+</a>and
+part-time Bugzilla hacker :)
+<p><b><i>Q</i></b>: <i>Why are you doing this?</i>
+<br><b><i>A</i></b>:&nbsp; I have nothing better to do with my time!
+<br>&nbsp; Seriously, I run a fairly large private Bugzilla database.&nbsp;
+I felt the need for some documentation to help other SysAdmins run this
+thing.&nbsp; There was nothing out there like it, so I decided to improve
+what I'd written for internal documentation with more general questions
+and release it to the public under the MPL.&nbsp; I feel like the Mozilla
+Webtools are far more in need of good documentation and a major architectural
+rewrite than they are more hacks to support more features.&nbsp; Since
+I'm not qualified to write more than trivial hacks for Bugzilla if I were
+to code, I figured doing some documentation would be A Good Thing.
+<p><b><i>Q</i></b>:&nbsp; <i>How are you affiliated with <a href="http://www.mozilla.org">Mozilla.org</a>?</i>
+<br><i>A</i>:&nbsp; I'm not.
+<p><b><i>Q</i></b>:&nbsp; <i>Where do those lame quotes in each section
+heading come from?</i>
+<br><b><i>A</i></b>:&nbsp; Check out <a href="http://bugzilla.mozilla.org/data/comments">http://bugzilla.mozilla.org/data/comments</a>.&nbsp;
+These are random quips added by people who use bugzilla.&nbsp; I find them
+endlessly entertaining.
+<br>&nbsp; I am personally attempting to address the numerous documentation
+needs, including an Installation guide (based upon the README), Administration
+Guide, Troubleshooting guide, Database Management Guide, and Configuration
+Guide.
+<br>&nbsp;
+<p>
+<hr WIDTH="100%">
+<center>
+<h2>
+THE END</h2></center>
+
+<hr WIDTH="100%">
+</body>
+</html>