diff options
author | justdave%syndicomm.com <> | 2002-05-01 18:28:45 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2002-05-01 18:28:45 +0200 |
commit | 81d43fa41c61fc801863c9aabeae137c122e5e46 (patch) | |
tree | 5c2a943cb841894a9628a81756d5ccc482d6adb4 /docs/txt | |
parent | f36d5f6f92314625958611f28dea5077fd0f68ac (diff) | |
download | bugzilla-81d43fa41c61fc801863c9aabeae137c122e5e46.tar.gz bugzilla-81d43fa41c61fc801863c9aabeae137c122e5e46.tar.xz |
Full recompile of the docs so everyone can see what the current SGML docs actually look like in HTML.
Diffstat (limited to 'docs/txt')
-rw-r--r-- | docs/txt/Bugzilla-Guide.txt | 2729 |
1 files changed, 1303 insertions, 1426 deletions
diff --git a/docs/txt/Bugzilla-Guide.txt b/docs/txt/Bugzilla-Guide.txt index 200ec5c23..2cb5f95c8 100644 --- a/docs/txt/Bugzilla-Guide.txt +++ b/docs/txt/Bugzilla-Guide.txt @@ -1,12 +1,14 @@ -The Bugzilla Guide - -Matthew P. Barnson +The Bugzilla GuideMatthew P. Barnson barnboy@trilobyte.net - Zach Lipton + +Zach Lipton zach AT zachlipton DOT com + +2001-04-25 + Revision History Revision v2.11 20 December 2000 Revised by: MPB Converted the README, FAQ, and DATABASE information into SGML docbook @@ -35,22 +37,22 @@ Matthew P. Barnson referenced other parts of the Guide, and nuked the old MySQL permissions section. - This is the documentation for Bugzilla, the Mozilla bug-tracking + This is the documentation for Bugzilla, the Mozilla bug-tracking system. - Bugzilla is an enterprise-class set of software utilities that, when - used together, power issue-tracking for hundreds of organizations - around the world, tracking millions of bugs. While it is easy to use - and quite flexible, it is difficult for a novice to install and - maintain. Although we have provided step-by-step directions, Bugzilla - is not always easy to get working. Please be sure the person - responsible for installing and maintaining this software is a + Bugzilla is an enterprise-class set of software utilities that, when + used together, power issue-tracking for hundreds of organizations + around the world, tracking millions of bugs. While it is easy to use + and quite flexible, it is difficult for a novice to install and + maintain. Although we have provided step-by-step directions, Bugzilla + is not always easy to get working. Please be sure the person + responsible for installing and maintaining this software is a qualified professional for the operating system upon which you install Bugzilla. - THIS DOCUMENTATION IS MAINTAINED IN DOCBOOK 4.1.2 XML FORMAT. IF YOU + THIS DOCUMENTATION IS MAINTAINED IN DOCBOOK 4.1.2 XML FORMAT. IF YOU WISH TO MAKE CORRECTIONS, PLEASE MAKE THEM IN PLAIN TEXT OR SGML DIFFS - AGAINST THE SOURCE. I CANNOT ACCEPT ADDITIONS TO THE GUIDE WRITTEN IN + AGAINST THE SOURCE. I CANNOT ACCEPT ADDITIONS TO THE GUIDE WRITTEN IN HTML! _________________________________________________________________ @@ -72,94 +74,23 @@ Matthew P. Barnson 2.1. What is Bugzilla? 2.2. Why Should We Use Bugzilla? 2.3. How do I use Bugzilla? - - 2.3.1. Create a Bugzilla Account - 2.3.2. The Bugzilla Query Page - 2.3.3. Creating and Managing Bug Reports - - 2.3.3.1. Writing a Great Bug Report - 2.3.3.2. Managing your Bug Reports - 2.4. Where can I find my user preferences? - - 2.4.1. Account Settings - 2.4.2. Email Settings - - 2.4.2.1. Email Notification - 2.4.2.2. New Email Technology - 2.4.2.3. "Watching" Users - - 2.4.3. Page Footer - 2.4.4. Permissions - 2.5. Using Bugzilla-Conclusion 3. Installation 3.1. ERRATA 3.2. Step-by-step Install - - 3.2.1. Introduction - 3.2.2. Installing the Prerequisites - 3.2.3. Installing MySQL Database - 3.2.4. Perl (5.004 or greater) - 3.2.5. DBI Perl Module - 3.2.6. Data::Dumper Perl Module - 3.2.7. MySQL related Perl Module Collection - 3.2.8. TimeDate Perl Module Collection - 3.2.9. GD Perl Module (1.8.3) - 3.2.10. Chart::Base Perl Module (0.99c) - 3.2.11. DB_File Perl Module - 3.2.12. HTTP Server - 3.2.13. Installing the Bugzilla Files - 3.2.14. Setting Up the MySQL Database - 3.2.15. Tweaking localconfig - 3.2.16. Setting Up Maintainers Manually (Optional) - 3.2.17. The Whining Cron (Optional) - 3.2.18. Bug Graphs (Optional) - 3.2.19. Securing MySQL - 3.3. Mac OS X Installation Notes 3.4. BSD Installation Notes 3.5. Installation General Notes - - 3.5.1. Modifying Your Running System - 3.5.2. Upgrading From Previous Versions - 3.5.3. .htaccess files and security - 3.5.4. mod_throttle and Security - 3.5.5. Preventing untrusted Bugzilla content from executing - malicious Javascript code - - 3.5.6. UNIX Installation Instructions History - 3.6. Win32 Installation Notes - 3.6.1. Win32 Installation: Step-by-step - 3.6.2. Additional Windows Tips - 3.6.3. Bugzilla LDAP Integration - 4. Administering Bugzilla 4.1. Post-Installation Checklist 4.2. User Administration - - 4.2.1. Creating the Default User - 4.2.2. Managing Other Users - - 4.2.2.1. Logging In - 4.2.2.2. Creating new users - 4.2.2.3. Disabling Users - 4.2.2.4. Modifying Users - 4.3. Product, Component, Milestone, and Version Administration - - 4.3.1. Products - 4.3.2. Components - 4.3.3. Versions - 4.3.4. Milestones - 4.3.5. Voting - 4.3.6. Groups and Group Security - 4.4. Bugzilla Security 5. Integrating Bugzilla with Third-Party Tools @@ -185,11 +116,6 @@ Matthew P. Barnson C.1. Database Schema Chart C.2. MySQL Bugzilla Database Introduction - - C.2.1. Bugzilla Database Basics - - C.2.1.1. Bugzilla Database Tables - C.3. MySQL Permissions & Grant Tables D. Useful Patches and Utilities for Bugzilla @@ -200,11 +126,6 @@ Matthew P. Barnson D.4. The Quicksearch Utility D.5. Hacking Bugzilla - D.5.1. Things that have caused problems and should be - avoided - - D.5.2. Coding Style for Bugzilla - E. GNU Free Documentation License 0. PREAMBLE @@ -228,7 +149,8 @@ Matthew P. Barnson 3-1. Setting up bonsaitools symlink 3-2. Running checksetup.pl as the web user 3-3. Installing ActivePerl ppd Modules on Microsoft Windows - 3-4. Removing encrypt() for Windows NT Bugzilla version 2.12 or + 3-4. Installing OpenInteract ppd Modules manually on Microsoft Windows + 3-5. Removing encrypt() for Windows NT Bugzilla version 2.12 or earlier 4-1. Creating some Components @@ -246,40 +168,38 @@ Chapter 1. About This Guide 1.1. Purpose and Scope of this Guide - This document was started on September 17, 2000 by Matthew P. Barnson - after a great deal of procrastination updating the Bugzilla FAQ, which - I left untouched for nearly half a year. After numerous complete - rewrites and reformatting, it is the document you see today. - - Bugzilla is simply the best piece of bug-tracking software the world - has ever seen. This document is intended to be the comprehensive guide - to the installation, administration, maintenance, and use of the - Bugzilla bug-tracking system. - - This release of the Bugzilla Guide is the 2.14 release. It is so named - that it may match the current version of Bugzilla. The numbering - tradition stems from that used for many free software projects, in - which even-numbered point releases (1.2, 1.14, etc.) are considered - "stable releases", intended for public consumption; on the other hand, - odd-numbered point releases (1.3, 2.09, etc.) are considered unstable - development releases intended for advanced users, systems - administrators, developers, and those who enjoy a lot of pain. - - Newer revisions of the Bugzilla Guide follow the numbering conventions - of the main-tree Bugzilla releases, available at - http://www.mozilla.org/projects/bugzilla. Intermediate releases will - have a minor revision number following a period. The current version - of Bugzilla, as of this writing (August 10, 2001) is 2.14; if - something were seriously wrong with that edition of the Guide, - subsequent releases would receive an additional dotted-decimal digit - to indicate the update (2.14.1, 2.14.2, etc.). Got it? Good. - - I wrote this in response to the enormous demand for decent Bugzilla - documentation. I have incorporated instructions from the Bugzilla - README, Frequently Asked Questions, Database Schema Document, and - various mailing lists to create it. Chances are, there are glaring - errors in this documentation; please contact <barnboy@trilobyte.net> - to correct them. +This document was started on September 17, 2000 by Matthew P. Barnson after +a great deal of procrastination updating the Bugzilla FAQ, which I left +untouched for nearly half a year. After numerous complete rewrites and +reformatting, it is the document you see today. + +Bugzilla is simply the best piece of bug-tracking software the world has +ever seen. This document is intended to be the comprehensive guide to the +installation, administration, maintenance, and use of the Bugzilla +bug-tracking system. + +This release of the Bugzilla Guide is the 2.14 release. It is so named that +it may match the current version of Bugzilla. The numbering tradition stems +from that used for many free software projects, in which even-numbered point +releases (1.2, 1.14, etc.) are considered "stable releases", intended for +public consumption; on the other hand, odd-numbered point releases (1.3, +2.09, etc.) are considered unstable development releases intended for +advanced users, systems administrators, developers, and those who enjoy a +lot of pain. + +Newer revisions of the Bugzilla Guide follow the numbering conventions of +the main-tree Bugzilla releases, available at http://www.bugzilla.org/. +Intermediate releases will have a minor revision number following a period. +The current version of Bugzilla, as of this writing (August 10, 2001) is +2.14; if something were seriously wrong with that edition of the Guide, +subsequent releases would receive an additional dotted-decimal digit to +indicate the update (2.14.1, 2.14.2, etc.). Got it? Good. + +I wrote this in response to the enormous demand for decent Bugzilla +documentation. I have incorporated instructions from the Bugzilla README, +Frequently Asked Questions, Database Schema Document, and various mailing +lists to create it. Chances are, there are glaring errors in this +documentation; please contact <barnboy@trilobyte.net> to correct them. _________________________________________________________________ 1.2. Copyright Information @@ -293,124 +213,120 @@ Chapter 1. About This Guide Texts. A copy of the license is included in the section entitled "GNU Free Documentation LIcense". - --Copyright (c) 2000-2001 Matthew P. Barnson +--Copyright (c) 2000-2001 Matthew P. Barnson - If you have any questions regarding this document, its copyright, or - publishing this document in non-electronic form, please contact + If you have any questions regarding this document, its copyright, or + publishing this document in non-electronic form, please contact Matthew P. Barnson. _________________________________________________________________ 1.3. Disclaimer - No liability for the contents of this document can be accepted. Use - the concepts, examples, and other content at your own risk. As this is - a new edition of this document, there may be errors and inaccuracies - that may damage your system. Use of this document may cause your - girlfriend to leave you, your cats to pee on your furniture and - clothing, your computer to cease functioning, your boss to fire you, - and global thermonuclear war. Proceed with caution. - - All copyrights are held by their respective owners, unless - specifically noted otherwise. Use of a term in this document should - not be regarded as affecting the validity of any trademark or service - mark. - - Naming of particular products or brands should not be seen as - endorsements, with the exception of the term "GNU/Linux". I - wholeheartedly endorse the use of GNU/Linux in every situation where - it is appropriate. It is an extremely versatile, stable, and robust - operating system that offers an ideal operating environment for - Bugzilla. - - You are strongly recommended to make a backup of your system before - installing Bugzilla and at regular intervals thereafter. Heaven knows - it's saved my bacon time after time; if you implement any suggestion - in this Guide, implement this one! - - Although the Bugzilla development team has taken great care to ensure - that all easily-exploitable bugs or options are documented or fixed in - the code, security holes surely exist. Great care should be taken both - in the installation and usage of this software. Carefully consider the - implications of installing other network services with Bugzilla. The - Bugzilla development team members, Netscape Communications, America - Online Inc., and any affiliated developers or sponsors assume no - liability for your use of this product. You have the source code to - this product, and are responsible for auditing it yourself to insure - your security needs are met. +No liability for the contents of this document can be accepted. Use the +concepts, examples, and other content at your own risk. As this is a new +edition of this document, there may be errors and inaccuracies that may +damage your system. Use of this document may cause your girlfriend to leave +you, your cats to pee on your furniture and clothing, your computer to cease +functioning, your boss to fire you, and global thermonuclear war. Proceed +with caution. + +All copyrights are held by their respective owners, unless specifically +noted otherwise. Use of a term in this document should not be regarded as +affecting the validity of any trademark or service mark. + +Naming of particular products or brands should not be seen as endorsements, +with the exception of the term "GNU/Linux". I wholeheartedly endorse the use +of GNU/Linux in every situation where it is appropriate. It is an extremely +versatile, stable, and robust operating system that offers an ideal +operating environment for Bugzilla. + +You are strongly recommended to make a backup of your system before +installing Bugzilla and at regular intervals thereafter. Heaven knows it's +saved my bacon time after time; if you implement any suggestion in this +Guide, implement this one! + +Although the Bugzilla development team has taken great care to ensure that +all easily-exploitable bugs or options are documented or fixed in the code, +security holes surely exist. Great care should be taken both in the +installation and usage of this software. Carefully consider the implications +of installing other network services with Bugzilla. The Bugzilla development +team members, Netscape Communications, America Online Inc., and any +affiliated developers or sponsors assume no liability for your use of this +product. You have the source code to this product, and are responsible for +auditing it yourself to insure your security needs are met. _________________________________________________________________ 1.4. New Versions - This is the 2.14 version of The Bugzilla Guide. If you are reading - this from any source other than those below, please check one of these - mirrors to make sure you are reading an up-to-date version of the - Guide. +This is the 2.14 version of The Bugzilla Guide. If you are reading this from +any source other than those below, please check one of these mirrors to make +sure you are reading an up-to-date version of the Guide. - This document can be found in the following places: +This document can be found in the following places: * TriloBYTE * Mozilla.org * The Linux Documentation Project The latest version of this document can be checked out via CVS. Please - follow the instructions available at the Mozilla CVS page, and check + follow the instructions available at the Mozilla CVS page, and check out the mozilla/webtools/bugzilla/docs/ branch. _________________________________________________________________ 1.5. Credits - The people listed below have made enormous contributions to the - creation of this Guide, through their dedicated hacking efforts, - numerous e-mail and IRC support sessions, and overall excellent - contribution to the Bugzilla community: +The people listed below have made enormous contributions to the creation of +this Guide, through their dedicated hacking efforts, numerous e-mail and IRC +support sessions, and overall excellent contribution to the Bugzilla +community: - Terry Weissman for initially writing Bugzilla and creating the README - upon which the UNIX installation documentation is largely based. +Terry Weissman for initially writing Bugzilla and creating the README upon +which the UNIX installation documentation is largely based. - Tara Hernandez for keeping Bugzilla development going strong after - Terry left Mozilla.org +Tara Hernandez for keeping Bugzilla development going strong after Terry +left Mozilla.org - Dave Lawrence for providing insight into the key differences between - Red Hat's customized Bugzilla, and being largely responsible for the - "Red Hat Bugzilla" appendix +Dave Lawrence for providing insight into the key differences between Red +Hat's customized Bugzilla, and being largely responsible for the "Red Hat +Bugzilla" appendix - Dawn Endico for being a hacker extraordinaire and putting up with my - incessant questions and arguments on irc.mozilla.org in #mozwebtools +Dawn Endico for being a hacker extraordinaire and putting up with my +incessant questions and arguments on irc.mozilla.org in #mozwebtools - Last but not least, all the members of the - netscape.public.mozilla.webtools newsgroup. Without your discussions, - insight, suggestions, and patches, this could never have happened. +Last but not least, all the members of the netscape.public.mozilla.webtools +newsgroup. Without your discussions, insight, suggestions, and patches, this +could never have happened. _________________________________________________________________ 1.6. Contributors - Thanks go to these people for significant contributions to this - documentation (in no particular order): +Thanks go to these people for significant contributions to this +documentation (in no particular order): - Andrew Pearson, Spencer Smith, Eric Hanson, Kevin Brannen, Ron - Teitelbaum, Jacob Steenhagen, Joe Robins +Andrew Pearson, Spencer Smith, Eric Hanson, Kevin Brannen, Ron Teitelbaum, +Jacob Steenhagen, Joe Robins _________________________________________________________________ 1.7. Feedback - I welcome feedback on this document. Without your submissions and - input, this Guide cannot continue to exist. Please mail additions, - comments, criticisms, etc. to <barnboy@trilobyte.net>. Please send - flames to <devnull@localhost> +I welcome feedback on this document. Without your submissions and input, +this Guide cannot continue to exist. Please mail additions, comments, +criticisms, etc. to <barnboy@trilobyte.net>. Please send flames to +<devnull@localhost> _________________________________________________________________ 1.8. Translations - The Bugzilla Guide needs translators! Please volunteer your - translation into the language of your choice. If you will translate - this Guide, please notify the members of the mozilla-webtools mailing - list at <mozilla-webtools@mozilla.org>, and arrange with Matt Barnson - to check it into CVS. +The Bugzilla Guide needs translators! Please volunteer your translation into +the language of your choice. If you will translate this Guide, please notify +the members of the mozilla-webtools mailing list at +<mozilla-webtools@mozilla.org>, and arrange with Matt Barnson to check it +into CVS. _________________________________________________________________ 1.9. Document Conventions - This document uses the following conventions +This document uses the following conventions Descriptions Appearance Warnings @@ -448,28 +364,28 @@ Chapter 1. About This Guide Chapter 2. Using Bugzilla - + What, Why, How, & Where? _________________________________________________________________ 2.1. What is Bugzilla? - Bugzilla is one example of a class of programs called "Defect Tracking - Systems", or, more commonly, "Bug-Tracking Systems". Defect Tracking - Systems allow individual or groups of developers to keep track of - outstanding bugs in their product effectively. Bugzilla was originally - written by Terry Weissman in a programming language called "TCL", to - replace a crappy bug-tracking database used internally for Netscape - Communications. Terry later ported Bugzilla to Perl from TCL, and in - Perl it remains to this day. Most commercial defect-tracking software - vendors at the time charged enormous licensing fees, and Bugzilla - quickly became a favorite of the open-source crowd (with its genesis - in the open-source browser project, Mozilla). It is now the de-facto - standard defect-tracking system against which all others are measured. - - Bugzilla has matured immensely, and now boasts many advanced features. - These include: +Bugzilla is one example of a class of programs called "Defect Tracking +Systems", or, more commonly, "Bug-Tracking Systems". Defect Tracking Systems +allow individual or groups of developers to keep track of outstanding bugs +in their product effectively. Bugzilla was originally written by Terry +Weissman in a programming language called "TCL", to replace a crappy +bug-tracking database used internally for Netscape Communications. Terry +later ported Bugzilla to Perl from TCL, and in Perl it remains to this day. +Most commercial defect-tracking software vendors at the time charged +enormous licensing fees, and Bugzilla quickly became a favorite of the +open-source crowd (with its genesis in the open-source browser project, +Mozilla). It is now the de-facto standard defect-tracking system against +which all others are measured. + +Bugzilla has matured immensely, and now boasts many advanced features. These +include: * integrated, product-based granular security schema * inter-bug dependencies and dependency graphing @@ -484,92 +400,92 @@ Chapter 2. Using Bugzilla Bugzilla email interface and checkin/checkout scripts) * too many more features to list - Despite its current robustness and popularity, Bugzilla faces some + Despite its current robustness and popularity, Bugzilla faces some near-term challenges, such as reliance on a single database, a lack of abstraction of the user interface and program logic, verbose email bug - notifications, a powerful but daunting query interface, little + notifications, a powerful but daunting query interface, little reporting configurability, problems with extremely large queries, some - unsupportable bug resolution options, little internationalization - (although non-US character sets are accepted for comments), and + unsupportable bug resolution options, little internationalization + (although non-US character sets are accepted for comments), and dependence on some nonstandard libraries. - Some recent headway has been made on the query front, however. If you - are using the latest version of Bugzilla, you should see a "simple - search" form on the default front page of your Bugzilla install. Type - in two or three search terms and you should pull up some relevant + Some recent headway has been made on the query front, however. If you + are using the latest version of Bugzilla, you should see a "simple + search" form on the default front page of your Bugzilla install. Type + in two or three search terms and you should pull up some relevant information. This is also available as "queryhelp.cgi". - Despite these small problems, Bugzilla is very hard to beat. It is - under very active development to address the current issues, and + Despite these small problems, Bugzilla is very hard to beat. It is + under very active development to address the current issues, and continually gains new features. _________________________________________________________________ 2.2. Why Should We Use Bugzilla? - + No, Who's on first... - For many years, defect-tracking software has remained principally the - domain of large software development houses. Even then, most shops - never bothered with bug-tracking software, and instead simply relied - on shared lists and email to monitor the status of defects. This - procedure is error-prone and tends to cause those bugs judged least + For many years, defect-tracking software has remained principally the + domain of large software development houses. Even then, most shops + never bothered with bug-tracking software, and instead simply relied + on shared lists and email to monitor the status of defects. This + procedure is error-prone and tends to cause those bugs judged least significant by developers to be dropped or ignored. These days, many companies are finding that integrated defect-tracking - systems reduce downtime, increase productivity, and raise customer - satisfaction with their systems. Along with full disclosure, an open - bug-tracker allows manufacturers to keep in touch with their clients - and resellers, to communicate about problems effectively throughout + systems reduce downtime, increase productivity, and raise customer + satisfaction with their systems. Along with full disclosure, an open + bug-tracker allows manufacturers to keep in touch with their clients + and resellers, to communicate about problems effectively throughout the data management chain. Many corporations have also discovered that - defect-tracking helps reduce costs by providing IT support - accountability, telephone support knowledge bases, and a common, - well-understood system for accounting for unusual system or software + defect-tracking helps reduce costs by providing IT support + accountability, telephone support knowledge bases, and a common, + well-understood system for accounting for unusual system or software issues. But why should you use Bugzilla? Bugzilla is very adaptable to various situations. Known uses currently - include IT support queues, Systems Administration deployment - management, chip design and development problem tracking (both - pre-and-post fabrication), and software and hardware bug tracking for - luminaries such as Redhat, Loki software, Linux-Mandrake, and VA - Systems. Combined with systems such as CVS, Bonsai, or Perforce SCM, - Bugzilla provides a powerful, easy-to-use solution to configuration + include IT support queues, Systems Administration deployment + management, chip design and development problem tracking (both + pre-and-post fabrication), and software and hardware bug tracking for + luminaries such as Redhat, Loki software, Linux-Mandrake, and VA + Systems. Combined with systems such as CVS, Bonsai, or Perforce SCM, + Bugzilla provides a powerful, easy-to-use solution to configuration management and replication problems Bugzilla can dramatically increase the productivity and accountability - of individual employees by providing a documented workflow and - positive feedback for good performance. How many times do you wake up - in the morning, remembering that you were supposed to do something - today, but you just can't quite remember? Put it in Bugzilla, and you + of individual employees by providing a documented workflow and + positive feedback for good performance. How many times do you wake up + in the morning, remembering that you were supposed to do something + today, but you just can't quite remember? Put it in Bugzilla, and you have a record of it from which you can extrapolate milestones, predict - product versions for integration, and by using Bugzilla's e-mail - integration features be able to follow the discussion trail that led + product versions for integration, and by using Bugzilla's e-mail + integration features be able to follow the discussion trail that led to critical decisions. - Ultimately, Bugzilla puts the power in your hands to improve your - value to your employer or business while providing a usable framework + Ultimately, Bugzilla puts the power in your hands to improve your + value to your employer or business while providing a usable framework for your natural attention to detail and knowledge store to flourish. _________________________________________________________________ 2.3. How do I use Bugzilla? - + Hey! I'm Woody! Howdy, Howdy, Howdy! Bugzilla is a large, complex system. Describing how to use it requires some time. If you are only interested in installing or administering a Bugzilla installation, please consult the Installing and Administering - Bugzilla portions of this Guide. This section is principally aimed - towards developing end-user mastery of Bugzilla, so you may fully - enjoy the benefits afforded by using this reliable open-source + Bugzilla portions of this Guide. This section is principally aimed + towards developing end-user mastery of Bugzilla, so you may fully + enjoy the benefits afforded by using this reliable open-source bug-tracking software. - Throughout this portion of the Guide, we will refer to user account - options available at the Bugzilla test installation, + Throughout this portion of the Guide, we will refer to user account + options available at the Bugzilla test installation, landfill.tequilarista.org. Note @@ -581,21 +497,21 @@ Chapter 2. Using Bugzilla exactly what's stumping you! If enough people complain, I'll have to fix it in the next version of this Guide. You can subscribe to the newsgroup at news://news.mozilla.org/netscape.public.mozilla.webtools - Although Landfill serves as a great introduction to Bugzilla, it does - not offer all the options you would have as a user on your own - installation of Bugzilla, nor can it do more than serve as a general - introduction to Bugzilla. Additionally, Landfill often runs + Although Landfill serves as a great introduction to Bugzilla, it does + not offer all the options you would have as a user on your own + installation of Bugzilla, nor can it do more than serve as a general + introduction to Bugzilla. Additionally, Landfill often runs cutting-edge versions of Bugzilla for testing, so some things may work slightly differently than mentioned here. _________________________________________________________________ 2.3.1. Create a Bugzilla Account - First things first! If you want to use Bugzilla, first you need to - create an account. Consult with the administrator responsible for your - installation of Bugzilla for the URL you should use to access it. If - you're test-driving the end-user Bugzilla experience, use this URL: - http://landfill.tequilarista.org/bugzilla-tip/ +First things first! If you want to use Bugzilla, first you need to create an +account. Consult with the administrator responsible for your installation of +Bugzilla for the URL you should use to access it. If you're test-driving the +end-user Bugzilla experience, use this URL: +http://landfill.tequilarista.org/bugzilla-tip/ 1. Click the "Open a new Bugzilla account" link. 2. Enter your "E-mail address" and "Real Name" (or whatever name you @@ -628,47 +544,44 @@ Chapter 2. Using Bugzilla filled out, please overwrite the contents of the text box so you can be sure to input the correct information. - Congratulations! If you followed these directions, you now are the - proud owner of a user account on landfill.tequilarista.org (Landfill) - or your local Bugzilla install. You should now see in your browser a - page called the "Bugzilla Query Page". It may look daunting, but with + Congratulations! If you followed these directions, you now are the + proud owner of a user account on landfill.tequilarista.org (Landfill) + or your local Bugzilla install. You should now see in your browser a + page called the "Bugzilla Query Page". It may look daunting, but with this Guide to walk you through it, you will master it in no time. _________________________________________________________________ 2.3.2. The Bugzilla Query Page - The Bugzilla Query Page is the heart and soul of the Bugzilla user - experience. It is the master interface where you can find any bug - report, comment, or patch currently in the Bugzilla system. We'll go - into how to create your own bug report later on. - - There are efforts underway to simplify query usage. If you have a - local installation of Bugzilla 2.12 or higher, you should have - quicksearch.html available to use and simplify your searches. There is - also a helper for the query interface, called queryhelp.cgi. Landfill - tends to run the latest code, so these two utilities should be - available there for your perusal. - - At this point, let's visit the query page. - landfill.tequilarista.org/bugzilla-tip/query.cgi - - The first thing you need to notice about the Bugzilla Query Page is - that nearly every box you see on your screen has a hyperlink nearby, - explaining what it is or what it does. Near the upper-left-hand corner - of your browser window you should see the word "Status" underlined. - Select it. - - Notice the page that popped up? Every underlined word you see on your - screen is a hyperlink that will take you to context-sensitive help. - Click around for a while, and learn what everything here does. To - return to the query interface after pulling up a help page, use the - "Back" button in your browser. - - I'm sure that after checking out the online help, you are now an - expert on the Bugzilla Query Page. If, however, you feel you haven't - mastered it yet, let me walk you through making a few successful - queries to find out what there are in the Bugzilla bug-tracking system - itself. +The Bugzilla Query Page is the heart and soul of the Bugzilla user +experience. It is the master interface where you can find any bug report, +comment, or patch currently in the Bugzilla system. We'll go into how to +create your own bug report later on. + +There are efforts underway to simplify query usage. If you have a local +installation of Bugzilla 2.12 or higher, you should have quicksearch.html +available to use and simplify your searches. There is also a helper for the +query interface, called queryhelp.cgi. Landfill tends to run the latest +code, so these two utilities should be available there for your perusal. + +At this point, let's visit the query page. +landfill.tequilarista.org/bugzilla-tip/query.cgi + +The first thing you need to notice about the Bugzilla Query Page is that +nearly every box you see on your screen has a hyperlink nearby, explaining +what it is or what it does. Near the upper-left-hand corner of your browser +window you should see the word "Status" underlined. Select it. + +Notice the page that popped up? Every underlined word you see on your screen +is a hyperlink that will take you to context-sensitive help. Click around +for a while, and learn what everything here does. To return to the query +interface after pulling up a help page, use the "Back" button in your +browser. + +I'm sure that after checking out the online help, you are now an expert on +the Bugzilla Query Page. If, however, you feel you haven't mastered it yet, +let me walk you through making a few successful queries to find out what +there are in the Bugzilla bug-tracking system itself. 1. Ensure you are back on the "Bugzilla Query Page". Do nothing in the boxes marked "Status", "Resolution", "Platform", "OpSys", @@ -777,11 +690,11 @@ Chapter 2. Using Bugzilla fairly certain I will always have some bugs assigned to me that aren't done yet, so you won't often see that message! - I encourage you to click the bug numbers in the left-hand column and - examine my bugs. Also notice that if you click the underlined links - near the top of this page, they do not take you to context-sensitive - help here, but instead sort the columns of bugs on the screen! When - you need to sort your bugs by priority, severity, or the people they + I encourage you to click the bug numbers in the left-hand column and + examine my bugs. Also notice that if you click the underlined links + near the top of this page, they do not take you to context-sensitive + help here, but instead sort the columns of bugs on the screen! When + you need to sort your bugs by priority, severity, or the people they are assigned to, this is a tremendous timesaver. A couple more interesting things about the Bug List page: @@ -809,33 +722,32 @@ Chapter 2. Using Bugzilla 2.3.3. Creating and Managing Bug Reports - + And all this time, I thought we were taking bugs out... _________________________________________________________________ 2.3.3.1. Writing a Great Bug Report - Before we plunge into writing your first bug report, I encourage you - to read some bug-writing guidelines. If you are reading this document - as part of a Bugzilla CVS checkout or un-tarred Bugzilla distribution, - you should be able to read them by clicking here. If you are reading - this online, check out the Mozilla.org bug-writing guidelines at - http://www.mozilla.org/quality/bug-writing-guidelines.html. While some - of the advice is Mozilla-specific, the basic principles of reporting - Reproducible, Specific bugs, isolating the Product you are using, the - Version of the Product, the Component which failed, the Hardware - Platform, and Operating System you were using at the time of the - failure go a long way toward ensuring accurate, responsible fixes for - the bug that bit you. - - While you are at it, why not learn how to find previously reported - bugs? Mozilla.org has published a great tutorial on finding duplicate - bugs, available at - http://www.mozilla.org/quality/help/beginning-duplicate-finding.html. - - I realize this was a lot to read. However, understanding the mentality - of writing great bug reports will help us on the next part! +Before we plunge into writing your first bug report, I encourage you to read +some bug-writing guidelines. If you are reading this document as part of a +Bugzilla CVS checkout or un-tarred Bugzilla distribution, you should be able +to read them by clicking here. If you are reading this online, check out the +Mozilla.org bug-writing guidelines at +http://www.mozilla.org/quality/bug-writing-guidelines.html. While some of +the advice is Mozilla-specific, the basic principles of reporting +Reproducible, Specific bugs, isolating the Product you are using, the +Version of the Product, the Component which failed, the Hardware Platform, +and Operating System you were using at the time of the failure go a long way +toward ensuring accurate, responsible fixes for the bug that bit you. + +While you are at it, why not learn how to find previously reported bugs? +Mozilla.org has published a great tutorial on finding duplicate bugs, +available at +http://www.mozilla.org/quality/help/beginning-duplicate-finding.html. + +I realize this was a lot to read. However, understanding the mentality of +writing great bug reports will help us on the next part! 1. Go back to http://landfill.tequilarista.org/bugzilla-tip/ in your browser. @@ -865,9 +777,9 @@ Chapter 2. Using Bugzilla 2.3.3.2. Managing your Bug Reports - OK, you should have a link to the bug you just created near the top of - your page. It should say "Bug XXXX posted", with a link to the right - saying "Back to BUG# XXXX". Select this link. +OK, you should have a link to the bug you just created near the top of your +page. It should say "Bug XXXX posted", with a link to the right saying "Back +to BUG# XXXX". Select this link. 1. Scroll down a bit on the subsequent page, until you see the "Resolve bug, changing resolution to (dropdown box). Normally, you @@ -882,28 +794,28 @@ Chapter 2. Using Bugzilla Resolving the bug with INVALID status again. This time it should work. - You have now learned the basics of Bugzilla navigation, entering a - bug, and bug maintenance. I encourage you to explore these features, - and see what you can do with them! We'll spend no more time on - individual Bugs or Queries from this point on, so you are on your own + You have now learned the basics of Bugzilla navigation, entering a + bug, and bug maintenance. I encourage you to explore these features, + and see what you can do with them! We'll spend no more time on + individual Bugs or Queries from this point on, so you are on your own there. But I'll give a few last hints! - There is a CLUE on the Query page that will teach you more how to use + There is a CLUE on the Query page that will teach you more how to use the form. If you click the hyperlink on the Component box of the Query page, you - will be presented a form that will describe what all the components + will be presented a form that will describe what all the components are. - Possibly the most powerful feature of the Query page is the Boolean - Chart section. It's a bit confusing to use the first time, but can - provide unparalleled flexibility in your queries, allowing you to + Possibly the most powerful feature of the Query page is the Boolean + Chart section. It's a bit confusing to use the first time, but can + provide unparalleled flexibility in your queries, allowing you to build extremely powerful requests. Finally, you can build some nifty Reports using the "Bug Reports" link - near the bottom of the query page, and also available via the + near the bottom of the query page, and also available via the "Reports" link at the footer of each page. _________________________________________________________________ @@ -915,39 +827,38 @@ Chapter 2. Using Bugzilla These ain't fortune cookies, kid... - Customized User Preferences offer tremendous versatility to your + Customized User Preferences offer tremendous versatility to your individual Bugzilla experience. Let's plunge into what you can do! The - first step is to click the "Edit prefs" link at the footer of each + first step is to click the "Edit prefs" link at the footer of each page once you have logged in to Landfill. _________________________________________________________________ 2.4.1. Account Settings - On this page, you can change your basic Account Settings, including - your password and full name. For security reasons, in order to change - anything on this page you must type your current password into the - "Old Password" field. If you wish to change your password, type the - new password you want into the "New Password" field and again into the - "Re-enter new password" field to ensure you typed your new password - correctly. Select the "Submit" button and you are done. +On this page, you can change your basic Account Settings, including your +password and full name. For security reasons, in order to change anything on +this page you must type your current password into the "Old Password" field. +If you wish to change your password, type the new password you want into the +"New Password" field and again into the "Re-enter new password" field to +ensure you typed your new password correctly. Select the "Submit" button and +you are done. _________________________________________________________________ 2.4.2. Email Settings 2.4.2.1. Email Notification - Here you can reduce or increase the amount of email sent you from - Bugzilla. Although this is referred to as "Advanced Email Filtering - Options", they are, in fact, the standard email filter set. All of - them are self-explanatory, but you can use the filters in interesting - ways. For instance, some people (notably Quality Assurance personnel) - often only care to receive updates regarding a bug when the bug - changes state, so they can track bugs on their flow charts and know - when it is time to pull the bug onto a quality assurance platform for - inspection. Other people set up email gateways to Bonsai, the Mozilla - automated CVS management system or Tinderbox, the Mozilla automated - build management system, and restrict which types of Bugzilla - information are fed to these systems.. +Here you can reduce or increase the amount of email sent you from Bugzilla. +Although this is referred to as "Advanced Email Filtering Options", they +are, in fact, the standard email filter set. All of them are +self-explanatory, but you can use the filters in interesting ways. For +instance, some people (notably Quality Assurance personnel) often only care +to receive updates regarding a bug when the bug changes state, so they can +track bugs on their flow charts and know when it is time to pull the bug +onto a quality assurance platform for inspection. Other people set up email +gateways to Bonsai, the Mozilla automated CVS management system or +Tinderbox, the Mozilla automated build management system, and restrict which +types of Bugzilla information are fed to these systems.. _________________________________________________________________ 2.4.2.2. New Email Technology @@ -961,13 +872,13 @@ Chapter 2. Using Bugzilla and "make it the default for all new users", referring her to the Administration section of this Guide. - Disregard the warnings about "experimental and bleeding edge"; the - code to handle email in a cleaner manner than that historically used + Disregard the warnings about "experimental and bleeding edge"; the + code to handle email in a cleaner manner than that historically used for Bugzilla is quite robust and well-tested now. - I recommend you enable the option, "Click here to sign up (and risk - any bugs)". Your email-box will thank you for it. The fundamental - shift in "newemailtech" is away from standard UNIX "diff" output, + I recommend you enable the option, "Click here to sign up (and risk + any bugs)". Your email-box will thank you for it. The fundamental + shift in "newemailtech" is away from standard UNIX "diff" output, which is quite ugly, to a prettier, better laid-out email. _________________________________________________________________ @@ -982,10 +893,10 @@ Chapter 2. Using Bugzilla By entering user email names into the "Users to watch" text entry box, delineated by commas, you can watch bugs of other users. This powerful - functionality enables seamless transitions as developers change + functionality enables seamless transitions as developers change projects, managers wish to get in touch with the issues faced by their - direct reports, or users go on vacation. If any of these three - situations apply to you, you will undoubtedly find this feature quite + direct reports, or users go on vacation. If any of these three + situations apply to you, you will undoubtedly find this feature quite convenient. _________________________________________________________________ @@ -999,11 +910,11 @@ Chapter 2. Using Bugzilla drop-down menu away. On this page of Preferences, if you have many stored queries you can elect to have them always one-click away! - If you have many stored queries on the server, here you will find - individual drop-downs for each stored query. Each drop-down gives you - the option of that query appearing on the footer of every page in - Bugzilla! This gives you powerful one-click access to any complex - searches you may set up, and is an excellent way to impress your + If you have many stored queries on the server, here you will find + individual drop-downs for each stored query. Each drop-down gives you + the option of that query appearing on the footer of every page in + Bugzilla! This gives you powerful one-click access to any complex + searches you may set up, and is an excellent way to impress your boss... Tip @@ -1022,40 +933,37 @@ Chapter 2. Using Bugzilla 2.4.4. Permissions - This is a purely informative page which outlines your current - permissions on this installation of Bugzilla. If you have permissions - to grant certain permissions to other users, the "other users" link - appears on this page as well as the footer. For more information - regarding user administration, please consult the Administration - section of this Guide. +This is a purely informative page which outlines your current permissions on +this installation of Bugzilla. If you have permissions to grant certain +permissions to other users, the "other users" link appears on this page as +well as the footer. For more information regarding user administration, +please consult the Administration section of this Guide. _________________________________________________________________ 2.5. Using Bugzilla-Conclusion - Thank you for reading through this portion of the Bugzilla Guide. I - anticipate it may not yet meet the needs of all readers. If you have - additional comments or corrections to make, please submit your - contributions to the mozilla-webtools mailing list/newsgroup. The - mailing list is mirrored to the netscape.public.mozilla.webtools - newsgroup, and the newsgroup is mirrored to - mozilla-webtools@mozilla.org +Thank you for reading through this portion of the Bugzilla Guide. I +anticipate it may not yet meet the needs of all readers. If you have +additional comments or corrections to make, please submit your contributions +to the mozilla-webtools mailing list/newsgroup. The mailing list is mirrored +to the netscape.public.mozilla.webtools newsgroup, and the newsgroup is +mirrored to mozilla-webtools@mozilla.org _________________________________________________________________ Chapter 3. Installation - These installation instructions are presented assuming you are - installing on a UNIX or completely POSIX-compliant system. If you are - installing on Microsoft Windows or another oddball operating system, - please consult the appropriate sections in this installation guide for - notes on how to be successful. +These installation instructions are presented assuming you are installing on +a UNIX or completely POSIX-compliant system. If you are installing on +Microsoft Windows or another oddball operating system, please consult the +appropriate sections in this installation guide for notes on how to be +successful. _________________________________________________________________ 3.1. ERRATA - Here are some miscellaneous notes about possible issues you main run - into when you begin your Bugzilla installation. Reference platforms - for Bugzilla installation are Redhat Linux 7.2, Linux-Mandrake 8.0, - and Solaris 8. +Here are some miscellaneous notes about possible issues you main run into +when you begin your Bugzilla installation. Reference platforms for Bugzilla +installation are Redhat Linux 7.2, Linux-Mandrake 8.0, and Solaris 8. If you are installing Bugzilla on S.u.S.e. Linux, or some other distributions with "paranoid" security options, it is possible that @@ -1098,22 +1006,21 @@ Chapter 3. Installation 3.2.1. Introduction - Installation of bugzilla is pretty straightforward, particularly if - your machine already has MySQL and the MySQL-related perl packages - installed. If those aren't installed yet, then that's the first order - of business. The other necessary ingredient is a web server set up to - run cgi scripts. While using Apache for your webserver is not - required, it is recommended. - - Bugzilla has been successfully installed under Solaris, Linux, and - Win32. The peculiarities of installing on Win32 (Microsoft Windows) - are not included in this section of the Guide; please check out the - Win32 Installation Notes for further advice on getting Bugzilla to - work on Microsoft Windows. - - The Bugzilla Guide is contained in the "docs/" folder in your Bugzilla - distribution. It is available in plain text (docs/txt), HTML - (docs/html), or SGML source (docs/sgml). +Installation of bugzilla is pretty straightforward, particularly if your +machine already has MySQL and the MySQL-related perl packages installed. If +those aren't installed yet, then that's the first order of business. The +other necessary ingredient is a web server set up to run cgi scripts. While +using Apache for your webserver is not required, it is recommended. + +Bugzilla has been successfully installed under Solaris, Linux, and Win32. +The peculiarities of installing on Win32 (Microsoft Windows) are not +included in this section of the Guide; please check out the Win32 +Installation Notes for further advice on getting Bugzilla to work on +Microsoft Windows. + +The Bugzilla Guide is contained in the "docs/" folder in your Bugzilla +distribution. It is available in plain text (docs/txt), HTML (docs/html), or +SGML source (docs/sgml). _________________________________________________________________ 3.2.2. Installing the Prerequisites @@ -1126,11 +1033,11 @@ Chapter 3. Installation libraries) on your system, check out Bundle::Bugzilla in Using Bundle::Bugzilla instead of manually installing Perl modules - The software packages necessary for the proper running of bugzilla + The software packages necessary for the proper running of bugzilla are: 1. MySQL database server and the mysql client (3.22.5 or greater) - 2. Perl (5.004 or greater, 5.6.1 is recommended if you wish to use + 2. Perl (5.004 or greater, 5.6.1 is recommended if you wish to use Bundle::Bugzilla) 3. DBI Perl module 4. Data::Dumper Perl module @@ -1140,7 +1047,7 @@ Chapter 3. Installation 8. Chart::Base Perl module (0.99c) (optional, for bug charting) 9. DB_File Perl module (optional, for bug charting) 10. The web server of your choice. Apache is recommended. - 11. MIME::Parser Perl module (optional, for contrib/bug_email.pl + 11. MIME::Parser Perl module (optional, for contrib/bug_email.pl interface) Warning @@ -1171,16 +1078,15 @@ Chapter 3. Installation 3.2.3. Installing MySQL Database - Visit MySQL homepage at www.mysql.com and grab the latest stable - release of the server. Many of the binary versions of MySQL store - their data files in /var which is often part of a smaller root - partition. If you decide to build from sources you can easily set the - dataDir as an option to configure. +Visit MySQL homepage at www.mysql.com and grab the latest stable release of +the server. Many of the binary versions of MySQL store their data files in +/var which is often part of a smaller root partition. If you decide to build +from sources you can easily set the dataDir as an option to configure. - If you install from source or non-package (RPM, deb, etc.) binaries - you need to add mysqld to your init scripts so the server daemon will - come back up whenever your machine reboots. Further discussion of UNIX - init sequences are beyond the scope of this guide. +If you install from source or non-package (RPM, deb, etc.) binaries you need +to add mysqld to your init scripts so the server daemon will come back up +whenever your machine reboots. Further discussion of UNIX init sequences are +beyond the scope of this guide. Note @@ -1200,21 +1106,20 @@ Chapter 3. Installation 3.2.4. Perl (5.004 or greater) - Any machine that doesn't have perl on it is a sad machine indeed. Perl - for *nix systems can be gotten in source form from - http://www.perl.com. Although Bugzilla runs with most post-5.004 - versions of Perl, it's a good idea to be up to the very latest version - if you can when running Bugzilla. As of this writing, that is perl - version 5.6.1. - - Perl is now a far cry from the the single compiler/interpreter binary - it once was. It includes a great many required modules and quite a few - other support files. If you're not up to or not inclined to build perl - from source, you'll want to install it on your machine using some sort - of packaging system (be it RPM, deb, or what have you) to ensure a - sane install. In the subsequent sections you'll be installing quite a - few perl modules; this can be quite ornery if your perl installation - isn't up to snuff. +Any machine that doesn't have perl on it is a sad machine indeed. Perl for +*nix systems can be gotten in source form from http://www.perl.com. Although +Bugzilla runs with most post-5.004 versions of Perl, it's a good idea to be +up to the very latest version if you can when running Bugzilla. As of this +writing, that is perl version 5.6.1. + +Perl is now a far cry from the the single compiler/interpreter binary it +once was. It includes a great many required modules and quite a few other +support files. If you're not up to or not inclined to build perl from +source, you'll want to install it on your machine using some sort of +packaging system (be it RPM, deb, or what have you) to ensure a sane +install. In the subsequent sections you'll be installing quite a few perl +modules; this can be quite ornery if your perl installation isn't up to +snuff. Warning @@ -1246,22 +1151,22 @@ Chapter 3. Installation 3.2.5. DBI Perl Module - The DBI module is a generic Perl module used by other database related - Perl modules. For our purposes it's required by the MySQL-related - modules. As long as your Perl installation was done correctly the DBI - module should be a breeze. It's a mixed Perl/C module, but Perl's - MakeMaker system simplifies the C compilation greatly. +The DBI module is a generic Perl module used by other database related Perl +modules. For our purposes it's required by the MySQL-related modules. As +long as your Perl installation was done correctly the DBI module should be a +breeze. It's a mixed Perl/C module, but Perl's MakeMaker system simplifies +the C compilation greatly. - Like almost all Perl modules DBI can be found on the Comprehensive - Perl Archive Network (CPAN) at http://www.cpan.org. The CPAN servers - have a real tendency to bog down, so please use mirrors. The current - location at the time of this writing can be found in Appendix B. +Like almost all Perl modules DBI can be found on the Comprehensive Perl +Archive Network (CPAN) at http://www.cpan.org. The CPAN servers have a real +tendency to bog down, so please use mirrors. The current location at the +time of this writing can be found in Appendix B. - Quality, general Perl module installation instructions can be found on - the CPAN website, but the easy thing to do is to just use the CPAN - shell which does all the hard work for you. +Quality, general Perl module installation instructions can be found on the +CPAN website, but the easy thing to do is to just use the CPAN shell which +does all the hard work for you. - To use the CPAN shell to install DBI: +To use the CPAN shell to install DBI: bash# perl -MCPAN -e 'install "DBI"' @@ -1270,7 +1175,7 @@ Chapter 3. Installation Replace "DBI" with the name of whichever module you wish to install, such as Data::Dumper, TimeDate, GD, etc. - To do it the hard way: +To do it the hard way: Untar the module tarball -- it should create its own directory @@ -1281,71 +1186,71 @@ Chapter 3. Installation 3. bash# make test 4. bash# make install - If everything went ok that should be all it takes. For the vast + If everything went ok that should be all it takes. For the vast majority of perl modules this is all that's required. _________________________________________________________________ 3.2.6. Data::Dumper Perl Module - The Data::Dumper module provides data structure persistence for Perl - (similar to Java's serialization). It comes with later sub-releases of - Perl 5.004, but a re-installation just to be sure it's available won't - hurt anything. +The Data::Dumper module provides data structure persistence for Perl +(similar to Java's serialization). It comes with later sub-releases of Perl +5.004, but a re-installation just to be sure it's available won't hurt +anything. - Data::Dumper is used by the MySQL-related Perl modules. It can be - found on CPAN (see Appendix B) and can be installed by following the - same four step make sequence used for the DBI module. +Data::Dumper is used by the MySQL-related Perl modules. It can be found on +CPAN (see Appendix B) and can be installed by following the same four step +make sequence used for the DBI module. _________________________________________________________________ 3.2.7. MySQL related Perl Module Collection - The Perl/MySQL interface requires a few mutually-dependent perl - modules. These modules are grouped together into the the - Msql-Mysql-modules package. This package can be found at CPAN. After - the archive file has been downloaded it should be untarred. +The Perl/MySQL interface requires a few mutually-dependent perl modules. +These modules are grouped together into the the Msql-Mysql-modules package. +This package can be found at CPAN. After the archive file has been +downloaded it should be untarred. - The MySQL modules are all built using one make file which is generated - by running: bash# perl Makefile.pl +The MySQL modules are all built using one make file which is generated by +running: bash# perl Makefile.pl - The MakeMaker process will ask you a few questions about the desired - compilation target and your MySQL installation. For many of the - questions the provided default will be adequate. +The MakeMaker process will ask you a few questions about the desired +compilation target and your MySQL installation. For many of the questions +the provided default will be adequate. - When asked if your desired target is the MySQL or mSQL packages, - select the MySQL related ones. Later you will be asked if you wish to - provide backwards compatibility with the older MySQL packages; you - should answer YES to this question. The default is NO. +When asked if your desired target is the MySQL or mSQL packages, select the +MySQL related ones. Later you will be asked if you wish to provide backwards +compatibility with the older MySQL packages; you should answer YES to this +question. The default is NO. - A host of 'localhost' should be fine and a testing user of 'test' and - a null password should find itself with sufficient access to run tests - on the 'test' database which MySQL created upon installation. If 'make - test' and 'make install' go through without errors you should be ready - to go as far as database connectivity is concerned. +A host of 'localhost' should be fine and a testing user of 'test' and a null +password should find itself with sufficient access to run tests on the +'test' database which MySQL created upon installation. If 'make test' and +'make install' go through without errors you should be ready to go as far as +database connectivity is concerned. _________________________________________________________________ 3.2.8. TimeDate Perl Module Collection - Many of the more common date/time/calendar related Perl modules have - been grouped into a bundle similar to the MySQL modules bundle. This - bundle is stored on the CPAN under the name TimeDate (see link: - Appendix B). The component module we're most interested in is the - Date::Format module, but installing all of them is probably a good - idea anyway. The standard Perl module installation instructions should - work perfectly for this simple package. +Many of the more common date/time/calendar related Perl modules have been +grouped into a bundle similar to the MySQL modules bundle. This bundle is +stored on the CPAN under the name TimeDate (see link: Appendix B). The +component module we're most interested in is the Date::Format module, but +installing all of them is probably a good idea anyway. The standard Perl +module installation instructions should work perfectly for this simple +package. _________________________________________________________________ 3.2.9. GD Perl Module (1.8.3) - The GD library was written by Thomas Boutell a long while ago to - programatically generate images in C. Since then it's become the - defacto standard for programatic image construction. The Perl bindings - to it found in the GD library are used on millions of web pages to - generate graphs on the fly. That's what bugzilla will be using it for - so you must install it if you want any of the graphing to work. +The GD library was written by Thomas Boutell a long while ago to +programatically generate images in C. Since then it's become the defacto +standard for programatic image construction. The Perl bindings to it found +in the GD library are used on millions of web pages to generate graphs on +the fly. That's what bugzilla will be using it for so you must install it if +you want any of the graphing to work. - Actually bugzilla uses the Graph module which relies on GD itself. - Isn't that always the way with object-oriented programming? At any - rate, you can find the GD library on CPAN in Appendix B. +Actually bugzilla uses the Graph module which relies on GD itself. Isn't +that always the way with object-oriented programming? At any rate, you can +find the GD library on CPAN in Appendix B. Note @@ -1358,28 +1263,27 @@ Chapter 3. Installation 3.2.10. Chart::Base Perl Module (0.99c) - The Chart module provides bugzilla with on-the-fly charting abilities. - It can be installed in the usual fashion after it has been fetched - from CPAN where it is found as the Chart-x.x... tarball, linked in - Appendix B. Note that as with the GD perl module, only the version - listed above, or newer, will work. Earlier versions used GIF's, which - are no longer supported by the latest versions of GD. +The Chart module provides bugzilla with on-the-fly charting abilities. It +can be installed in the usual fashion after it has been fetched from CPAN +where it is found as the Chart-x.x... tarball, linked in Appendix B. Note +that as with the GD perl module, only the version listed above, or newer, +will work. Earlier versions used GIF's, which are no longer supported by the +latest versions of GD. _________________________________________________________________ 3.2.11. DB_File Perl Module - DB_File is a module which allows Perl programs to make use of the - facilities provided by Berkeley DB version 1.x. This module is - required by collectstats.pl which is used for bug charting. If you - plan to make use of bug charting, you must install this module. +DB_File is a module which allows Perl programs to make use of the facilities +provided by Berkeley DB version 1.x. This module is required by +collectstats.pl which is used for bug charting. If you plan to make use of +bug charting, you must install this module. _________________________________________________________________ 3.2.12. HTTP Server - You have a freedom of choice here - Apache, Netscape or any other - server on UNIX would do. You can easily run the web server on a - different machine than MySQL, but need to adjust the MySQL "bugs" user - permissions accordingly. +You have a freedom of choice here - Apache, Netscape or any other server on +UNIX would do. You can easily run the web server on a different machine than +MySQL, but need to adjust the MySQL "bugs" user permissions accordingly. Note @@ -1389,21 +1293,25 @@ Chapter 3. Installation on the peculiarities of installing using their favorite webserver, I will provide notes for them. - You'll want to make sure that your web server will run any file with - the .cgi extension as a cgi and not just display it. If you're using - apache that means uncommenting the following line in the srm.conf + You'll want to make sure that your web server will run any file with + the .cgi extension as a cgi and not just display it. If you're using + apache that means uncommenting the following line in the srm.conf file: AddHandler cgi-script .cgi - With apache you'll also want to make sure that within the access.conf + With apache you'll also want to make sure that within the access.conf file the line: - Options ExecCGI +Options ExecCGI +AllowOverride Limit - is in the stanza that covers the directories into which you intend to + is in the stanza that covers the directories into which you intend to put the bugzilla .html and .cgi files. Note + AllowOverride Limit allows the use of a Deny statement in the + .htaccess file generated by checksetup.pl + Users of newer versions of Apache will generally find both of the above lines will be in the httpd.conf file, rather than srm.conf or access.conf. @@ -1421,13 +1329,13 @@ Chapter 3. Installation 3.2.13. Installing the Bugzilla Files - You should untar the Bugzilla files into a directory that you're - willing to make writable by the default web server user (probably - "nobody"). You may decide to put the files off of the main web space - for your web server or perhaps off of /usr/local with a symbolic link - in the web space that points to the Bugzilla directory. At any rate, - just dump all the files in the same place, and make sure you can - access the files in that directory through your web server. +You should untar the Bugzilla files into a directory that you're willing to +make writable by the default web server user (probably "nobody"). You may +decide to put the files off of the main web space for your web server or +perhaps off of /usr/local with a symbolic link in the web space that points +to the Bugzilla directory. At any rate, just dump all the files in the same +place, and make sure you can access the files in that directory through your +web server. Tip @@ -1435,32 +1343,33 @@ Chapter 3. Installation heirarchy, you may receive Forbidden errors unless you add the "FollowSymLinks" directive to the <Directory> entry for the HTML root. - Once all the files are in a web accessible directory, make that - directory writable by your webserver's user. This is a temporary step - until you run the post-install checksetup.pl script, which locks down + Once all the files are in a web accessible directory, make that + directory writable by your webserver's user. This is a temporary step + until you run the post-install checksetup.pl script, which locks down your installation. - Lastly, you'll need to set up a symbolic link to - /usr/bonsaitools/bin/perl for the correct location of your perl - executable (probably /usr/bin/perl). Otherwise you must hack all the - .cgi files to change where they look for perl, or use The setperl.csh + Lastly, you'll need to set up a symbolic link to + /usr/bonsaitools/bin/perl for the correct location of your perl + executable (probably /usr/bin/perl). Otherwise you must hack all the + .cgi files to change where they look for perl, or use The setperl.csh Utility, found in Useful Patches and Utilities for Bugzilla. I suggest using the symlink approach for future release compatability. Example 3-1. Setting up bonsaitools symlink Here's how you set up the Perl symlink on Linux to make Bugzilla work. - Your mileage may vary. For some UNIX operating systems, you probably - need to subsitute "/usr/local/bin/perl" for "/usr/bin/perl" below; if - on certain other UNIX systems, Perl may live in weird places like + Your mileage may vary. For some UNIX operating systems, you probably + need to subsitute "/usr/local/bin/perl" for "/usr/bin/perl" below; if + on certain other UNIX systems, Perl may live in weird places like "/opt/perl". As root, run these commands: bash# mkdir /usr/bonsaitools bash# mkdir /usr/bonsaitools/bin bash# ln -s /usr/bin/perl /usr/bonsaitools/bin/perl - Alternately, you can simply run this perl one-liner to change your + Alternately, you can simply run this perl one-liner to change your path to perl in all the files in your Bugzilla installation: -perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm +perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm pr +ocessmail syncshadowdb Change the second path to perl to match your installation. @@ -1474,13 +1383,13 @@ perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm 3.2.14. Setting Up the MySQL Database - After you've gotten all the software installed and working you're - ready to start preparing the database for its life as a the back end - to a high quality bug tracker. +After you've gotten all the software installed and working you're ready to +start preparing the database for its life as a the back end to a high +quality bug tracker. - First, you'll want to fix MySQL permissions to allow access from - Bugzilla. For the purpose of this Installation section, the Bugzilla - username will be "bugs", and will have minimal permissions. +First, you'll want to fix MySQL permissions to allow access from Bugzilla. +For the purpose of this Installation section, the Bugzilla username will be +"bugs", and will have minimal permissions. Warning @@ -1498,15 +1407,15 @@ perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm user='root'; mysql> FLUSH PRIVILEGES; - From this point on, if you need to access MySQL as the MySQL root - user, you will need to use mysql -u root -p and enter your - new_password. Remember that MySQL user names have nothing to do with + From this point on, if you need to access MySQL as the MySQL root + user, you will need to use mysql -u root -p and enter your + new_password. Remember that MySQL user names have nothing to do with Unix user names (login names). - Next, we create the "bugs" user, and grant sufficient permissions for - checksetup.pl, which we'll use later, to work its magic. This also - restricts the "bugs" user to operations within a database called - "bugs", and only allows the account to connect from "localhost". + Next, we create the "bugs" user, and grant sufficient permissions for + checksetup.pl, which we'll use later, to work its magic. This also + restricts the "bugs" user to operations within a database called + "bugs", and only allows the account to connect from "localhost". Modify it to reflect your setup if you will be connecting from another machine or as a different user. @@ -1517,9 +1426,9 @@ perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm 'bugs_password'; mysql> FLUSH PRIVILEGES; - Next, run the magic checksetup.pl script. (Many thanks to Holger - Schurig <holgerschurig@nikocity.de> for writing this script!) It will - make sure Bugzilla files and directories have reasonable permissions, + Next, run the magic checksetup.pl script. (Many thanks to Holger + Schurig <holgerschurig@nikocity.de> for writing this script!) It will + make sure Bugzilla files and directories have reasonable permissions, set up the data directory, and create all the MySQL tables. bash# ./checksetup.pl @@ -1529,10 +1438,10 @@ perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm 3.2.15. Tweaking localconfig - This file contains a variety of settings you may need to tweak - including how Bugzilla should connect to the MySQL database. +This file contains a variety of settings you may need to tweak including how +Bugzilla should connect to the MySQL database. - The connection settings include: +The connection settings include: 1. server's host: just use "localhost" if the MySQL server is local 2. database name: "bugs" if you're following these directions @@ -1543,12 +1452,12 @@ perl -pi -e 's@#!/usr/bonsaitools/bin/perl@#!/usr/bin/perl@' *cgi *pl Bug.pm use to restrict access to Bugzilla data files. See .htaccess files and security. - Once you are happy with the settings, re-run checksetup.pl. On this - second run, it will create the database and an administrator account + Once you are happy with the settings, re-run checksetup.pl. On this + second run, it will create the database and an administrator account for which you will be prompted to provide information. When logged into an administrator account once Bugzilla is running, if - you go to the query page (off of the Bugzilla main menu), you'll find + you go to the query page (off of the Bugzilla main menu), you'll find an "edit parameters" option that is filled with editable treats. Should everything work, you will have a nearly empty Bugzilla database @@ -1584,10 +1493,9 @@ bash# ./checksetup.pl 3.2.16. Setting Up Maintainers Manually (Optional) - If you want to add someone else to every group by hand, you can do it - by typing the appropriate MySQL commands. Run mysql -u root -p bugs - You may need different parameters, depending on your security - settings. Then: +If you want to add someone else to every group by hand, you can do it by +typing the appropriate MySQL commands. Run mysql -u root -p bugs You may +need different parameters, depending on your security settings. Then: mysql> update profiles set groupset=0x7fffffffffffffff where login_name = 'XXX'; (yes, that's fifteen"f"'s. @@ -1597,13 +1505,13 @@ bash# ./checksetup.pl 3.2.17. The Whining Cron (Optional) - By now you have a fully functional bugzilla, but what good are bugs if - they're not annoying? To help make those bugs more annoying you can - set up bugzilla's automatic whining system. This can be done by adding - the following command as a daily crontab entry (for help on that see - that crontab man page): +By now you have a fully functional bugzilla, but what good are bugs if +they're not annoying? To help make those bugs more annoying you can set up +bugzilla's automatic whining system. This can be done by adding the +following command as a daily crontab entry (for help on that see that +crontab man page): - cd <your-bugzilla-directory> ; ./whineatnews.pl +cd <your-bugzilla-directory> ; ./whineatnews.pl Tip @@ -1615,36 +1523,35 @@ bash# ./checksetup.pl 3.2.18. Bug Graphs (Optional) - As long as you installed the GD and Graph::Base Perl modules you might - as well turn on the nifty bugzilla bug reporting graphs. +As long as you installed the GD and Graph::Base Perl modules you might as +well turn on the nifty bugzilla bug reporting graphs. - Add a cron entry like this to run collectstats daily at 5 after - midnight: +Add a cron entry like this to run collectstats daily at 5 after midnight: - bash# crontab -e - 5 0 * * * cd <your-bugzilla-directory> ; ./collectstats.pl +bash# crontab -e +5 0 * * * cd <your-bugzilla-directory> ; ./collectstats.pl - After two days have passed you'll be able to view bug graphs from the + After two days have passed you'll be able to view bug graphs from the Bug Reports page. _________________________________________________________________ 3.2.19. Securing MySQL - If you followed the installation instructions for setting up your - "bugs" and "root" user in MySQL, much of this should not apply to you. - If you are upgrading an existing installation of Bugzilla, you should - pay close attention to this section. +If you followed the installation instructions for setting up your "bugs" and +"root" user in MySQL, much of this should not apply to you. If you are +upgrading an existing installation of Bugzilla, you should pay close +attention to this section. - Most MySQL installs have "interesting" default security parameters: +Most MySQL installs have "interesting" default security parameters: - mysqld defaults to running as root - it defaults to allowing external network connections - it has a known port number, and is easy to detect - it defaults to no passwords whatsoever - it defaults to allowing "File_Priv" +mysqld defaults to running as root +it defaults to allowing external network connections +it has a known port number, and is easy to detect +it defaults to no passwords whatsoever +it defaults to allowing "File_Priv" - This means anyone from anywhere on the internet can not only drop the - database with one SQL command, and they can write as root to the + This means anyone from anywhere on the internet can not only drop the + database with one SQL command, and they can write as root to the system. To see your permissions do: @@ -1668,8 +1575,8 @@ bash# ./checksetup.pl REVOKE DROP ON bugs.* FROM bugs@localhost; FLUSH PRIVILEGES; - With "mit-pthreads" you'll need to modify the "globals.pl" - Mysql->Connect line to specify a specific host name instead of + With "mit-pthreads" you'll need to modify the "globals.pl" + Mysql->Connect line to specify a specific host name instead of "localhost", and accept external connections: GRANT USAGE ON *.* TO bugs@bounce.hop.com; @@ -1677,19 +1584,19 @@ bash# ./checksetup.pl REVOKE DROP ON bugs.* FROM bugs@bounce.hop.com; FLUSH PRIVILEGES; - Use .htaccess files with the Apache webserver to secure your bugzilla + Use .htaccess files with the Apache webserver to secure your bugzilla install. See .htaccess files and security Consider also: - 1. Turning off external networking with "--skip-networking", unless - you have "mit-pthreads", in which case you can't. Without + 1. Turning off external networking with "--skip-networking", unless + you have "mit-pthreads", in which case you can't. Without networking, MySQL connects with a Unix domain socket. - 2. using the --user= option to mysqld to run it as an unprivileged + 2. using the --user= option to mysqld to run it as an unprivileged user. 3. starting MySQL in a chroot jail 4. running the httpd in a "chrooted" jail - 5. making sure the MySQL passwords are different from the OS + 5. making sure the MySQL passwords are different from the OS passwords (MySQL "root" has nothing to do with system "root"). 6. running MySQL on a separate untrusted machine 7. making backups ;-) @@ -1697,35 +1604,34 @@ bash# ./checksetup.pl 3.3. Mac OS X Installation Notes - There are a lot of common libraries and utilities out there that Apple - did not include with Mac OS X, but which run perfectly well on it. The - GD library, which Bugzilla needs to do bug graphs, is one of these. +There are a lot of common libraries and utilities out there that Apple did +not include with Mac OS X, but which run perfectly well on it. The GD +library, which Bugzilla needs to do bug graphs, is one of these. - The easiest way to get a lot of these is with a program called Fink, - which is similar in nature to the CPAN installer, but installs common - GNU utilities. Fink is available from - <http://sourceforge.net/projects/fink/>. +The easiest way to get a lot of these is with a program called Fink, which +is similar in nature to the CPAN installer, but installs common GNU +utilities. Fink is available from <http://sourceforge.net/projects/fink/>. - Follow the instructions for setting up Fink. Once it's installed, - you'll want to run the following as root: fink install gd +Follow the instructions for setting up Fink. Once it's installed, you'll +want to run the following as root: fink install gd - It will prompt you for a number of dependencies, type 'y' and hit - enter to install all of the dependencies. Then watch it work. +It will prompt you for a number of dependencies, type 'y' and hit enter to +install all of the dependencies. Then watch it work. - To prevent creating conflicts with the software that Apple installs by - default, Fink creates its own directory tree at /sw where it installs - most of the software that it installs. This means your libraries and - headers for libgd will be at /sw/lib and /sw/include instead of - /usr/lib and /usr/local/include. Because of these changed locations - for the libraries, the Perl GD module will not install directly via - CPAN (it looks for the specific paths instead of getting them from - your environment). But there's a way around that :-) +To prevent creating conflicts with the software that Apple installs by +default, Fink creates its own directory tree at /sw where it installs most +of the software that it installs. This means your libraries and headers for +libgd will be at /sw/lib and /sw/include instead of /usr/lib and +/usr/local/include. Because of these changed locations for the libraries, +the Perl GD module will not install directly via CPAN (it looks for the +specific paths instead of getting them from your environment). But there's a +way around that :-) - Instead of typing "install GD" at the cpan> prompt, type look GD. This - should go through the motions of downloading the latest version of the - GD module, then it will open a shell and drop you into the build - directory. Apply the following patch to the Makefile.PL file (save the - patch into a file and use the command patch < patchfile: +Instead of typing "install GD" at the cpan> prompt, type look GD. This +should go through the motions of downloading the latest version of the GD +module, then it will open a shell and drop you into the build directory. +Apply the following patch to the Makefile.PL file (save the patch into a +file and use the command patch < patchfile: --- GD-1.33/Makefile.PL Fri Aug 4 16:59:22 2000 @@ -1757,7 +1663,7 @@ sr/local/lib); - Then, run these commands to finish the installation of the perl + Then, run these commands to finish the installation of the perl module: perl Makefile.PL @@ -1771,50 +1677,47 @@ sr/local/lib); 3.4. BSD Installation Notes - For instructions on how to set up Bugzilla on FreeBSD, NetBSD, - OpenBSD, BSDi, etc. please consult Section 3.3. +For instructions on how to set up Bugzilla on FreeBSD, NetBSD, OpenBSD, +BSDi, etc. please consult Section 3.3. _________________________________________________________________ 3.5. Installation General Notes 3.5.1. Modifying Your Running System - Bugzilla optimizes database lookups by storing all relatively static - information in the versioncache file, located in the data/ - subdirectory under your installation directory. +Bugzilla optimizes database lookups by storing all relatively static +information in the versioncache file, located in the data/ subdirectory +under your installation directory. - If you make a change to the structural data in your database (the - versions table for example), or to the "constants" encoded in - defparams.pl, you will need to remove the cached content from the data - directory (by doing a "rm data/versioncache"), or your changes won't - show up. +If you make a change to the structural data in your database (the versions +table for example), or to the "constants" encoded in defparams.pl, you will +need to remove the cached content from the data directory (by doing a "rm +data/versioncache"), or your changes won't show up. - That file gets automatically regenerated whenever it's more than an - hour old, so Bugzilla will eventually notice your changes by itself, - but generally you want it to notice right away, so that you can test - things. +That file gets automatically regenerated whenever it's more than an hour +old, so Bugzilla will eventually notice your changes by itself, but +generally you want it to notice right away, so that you can test things. _________________________________________________________________ 3.5.2. Upgrading From Previous Versions - The developers of Bugzilla are constantly adding new tables, columns - and fields. You'll get SQL errors if you just update the code. The - strategy to update is to simply always run the checksetup.pl script - whenever you upgrade your installation of Bugzilla. If you want to see - what has changed, you can read the comments in that file, starting - from the end. +The developers of Bugzilla are constantly adding new tables, columns and +fields. You'll get SQL errors if you just update the code. The strategy to +update is to simply always run the checksetup.pl script whenever you upgrade +your installation of Bugzilla. If you want to see what has changed, you can +read the comments in that file, starting from the end. - If you are running Bugzilla version 2.8 or lower, and wish to upgrade - to the latest version, please consult the file, "UPGRADING-pre-2.8" in - the Bugzilla root directory after untarring the archive. +If you are running Bugzilla version 2.8 or lower, and wish to upgrade to the +latest version, please consult the file, "UPGRADING-pre-2.8" in the Bugzilla +root directory after untarring the archive. _________________________________________________________________ 3.5.3. .htaccess files and security - To enhance the security of your Bugzilla installation, Bugzilla will - generate .htaccess files which the Apache webserver can use to - restrict access to the bugzilla data files. The checksetup script will - generate the .htaccess files. +To enhance the security of your Bugzilla installation, Bugzilla will +generate .htaccess files which the Apache webserver can use to restrict +access to the bugzilla data files. The checksetup script will generate the +.htaccess files. Note @@ -1823,12 +1726,12 @@ sr/local/lib); will need to change the ip address in data/webdot/.htaccess to the ip address of the webdot server that you are using. - The default .htaccess file may not provide adequate access - restrictions, depending on your web server configuration. Be sure to - check the <Directory> entries for your Bugzilla directory so that the - .htaccess file is allowed to override web server defaults. For - instance, let's assume your installation of Bugzilla is installed to - /usr/local/bugzilla. You should have this <Directory> entry in your + The default .htaccess file may not provide adequate access + restrictions, depending on your web server configuration. Be sure to + check the <Directory> entries for your Bugzilla directory so that the + .htaccess file is allowed to override web server defaults. For + instance, let's assume your installation of Bugzilla is installed to + /usr/local/bugzilla. You should have this <Directory> entry in your httpd.conf file: <Directory /usr/local/bugzilla/> @@ -1836,8 +1739,8 @@ sr/local/lib); AllowOverride All </Directory> - The important part above is "AllowOverride All". Without that, - the .htaccess file created by checksetup.pl will not have sufficient + The important part above is "AllowOverride All". Without that, + the .htaccess file created by checksetup.pl will not have sufficient permissions to protect your Bugzilla installation. If you are using Internet Information Server or other web server which @@ -1847,84 +1750,81 @@ sr/local/lib); 3.5.4. mod_throttle and Security - It is possible for a user, by mistake or on purpose, to access the - database many times in a row which can result in very slow access - speeds for other users. If your Bugzilla installation is experiencing - this problem , you may install the Apache module mod_throttle which - can limit connections by ip-address. You may download this module at - http://www.snert.com/Software/Throttle/. Follow the instructions to - install into your Apache install. This module only functions with the - Apache web server!. You may use the ThrottleClientIP command provided - by this module to accomplish this goal. See the Module Instructions - for more information. +It is possible for a user, by mistake or on purpose, to access the database +many times in a row which can result in very slow access speeds for other +users. If your Bugzilla installation is experiencing this problem , you may +install the Apache module mod_throttle which can limit connections by +ip-address. You may download this module at +http://www.snert.com/Software/Throttle/. Follow the instructions to install +into your Apache install. This module only functions with the Apache web +server!. You may use the ThrottleClientIP command provided by this module to +accomplish this goal. See the Module Instructions for more information. _________________________________________________________________ 3.5.5. Preventing untrusted Bugzilla content from executing malicious Javascript code - It is possible for a Bugzilla to execute malicious Javascript code. - Due to internationalization concerns, we are unable to incorporate the - code changes necessary to fulfill the CERT advisory requirements - mentioned in - http://www.cet.org/tech_tips/malicious_code_mitigation.html/#3. - Executing the following code snippet from a UNIX command shell will - rectify the problem if your Bugzilla installation is intended for an - English-speaking audience. As always, be sure your Bugzilla - installation has a good backup before making changes, and I recommend - you understand what the script is doing before executing it. +It is possible for a Bugzilla to execute malicious Javascript code. Due to +internationalization concerns, we are unable to incorporate the code changes +necessary to fulfill the CERT advisory requirements mentioned in +http://www.cet.org/tech_tips/malicious_code_mitigation.html/#3. Executing +the following code snippet from a UNIX command shell will rectify the +problem if your Bugzilla installation is intended for an English-speaking +audience. As always, be sure your Bugzilla installation has a good backup +before making changes, and I recommend you understand what the script is +doing before executing it. bash# cd $BUGZILLA_HOME; for i in `ls *.cgi`; \ do cat $i | sed 's/Content-type\: text\/html/Content-Type: text\/html \; charset=ISO-8859-1/' >$i.tmp; \ mv $i.tmp $i; done - All this one-liner command does is search for all instances of - "Content-type: text/html" and replaces it with "Content-Type: - text/html; charset=ISO-8859-1". This specification prevents possible - Javascript attacks on the browser, and is suggested for all - English-speaking sites. For non-english-speaking Bugzilla sites, I + All this one-liner command does is search for all instances of + "Content-type: text/html" and replaces it with "Content-Type: + text/html; charset=ISO-8859-1". This specification prevents possible + Javascript attacks on the browser, and is suggested for all + English-speaking sites. For non-english-speaking Bugzilla sites, I suggest changing "ISO-8859-1", above, to "UTF-8". _________________________________________________________________ 3.5.6. UNIX Installation Instructions History - This document was originally adapted from the Bonsai installation - instructions by Terry Weissman <terry@mozilla.org>. +This document was originally adapted from the Bonsai installation +instructions by Terry Weissman <terry@mozilla.org>. - The February 25, 1999 re-write of this page was done by Ry4an Brase - <ry4an@ry4an.org>, with some edits by Terry Weissman, Bryce Nesbitt, - Martin Pool, & Dan Mosedale (But don't send bug reports to them; - report them using bugzilla, at - http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla ). +The February 25, 1999 re-write of this page was done by Ry4an Brase +<ry4an@ry4an.org>, with some edits by Terry Weissman, Bryce Nesbitt, Martin +Pool, & Dan Mosedale (But don't send bug reports to them; report them using +bugzilla, at http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla ). - This document was heavily modified again Wednesday, March 07 2001 to - reflect changes for Bugzilla 2.12 release by Matthew P. Barnson. The - securing MySQL section should be changed to become standard procedure - for Bugzilla installations. +This document was heavily modified again Wednesday, March 07 2001 to reflect +changes for Bugzilla 2.12 release by Matthew P. Barnson. The securing MySQL +section should be changed to become standard procedure for Bugzilla +installations. - Finally, the README in its entirety was marked up in SGML and included - into the Guide on April 24, 2001 by Matt Barnson. Since that time, - it's undergone extensive modification as Bugzilla grew. +Finally, the README in its entirety was marked up in SGML and included into +the Guide on April 24, 2001 by Matt Barnson. Since that time, it's undergone +extensive modification as Bugzilla grew. - Comments from people using this Guide for the first time are - particularly welcome. +Comments from people using this Guide for the first time are particularly +welcome. _________________________________________________________________ 3.6. Win32 Installation Notes - This section covers installation on Microsoft Windows 95, 98, ME, NT, - and 2000. Bugzilla works fine on Win32 platforms, but please remember - that the Bugzilla team and the author of the Guide neither endorse nor - support installation on Microsoft Windows. Bugzilla installs and runs - best and easiest on UNIX-like operating systems, and that is the way - it will stay for the foreseeable future. The Bugzilla team is - considering supporting Win32 for the 2.16 release and later. - - The easiest way to install Bugzilla on Intel-archiecture machines is - to install some variant of GNU/Linux, then follow the UNIX - installation instructions in this Guide. If you have any influence in - the platform choice for running this system, please choose GNU/Linux - instead of Microsoft Windows. +This section covers installation on Microsoft Windows 95, 98, ME, NT, and +2000. Bugzilla works fine on Win32 platforms, but please remember that the +Bugzilla team and the author of the Guide neither endorse nor support +installation on Microsoft Windows. Bugzilla installs and runs best and +easiest on UNIX-like operating systems, and that is the way it will stay for +the foreseeable future. The Bugzilla team is considering supporting Win32 +for the 2.16 release and later. + +The easiest way to install Bugzilla on Intel-archiecture machines is to +install some variant of GNU/Linux, then follow the UNIX installation +instructions in this Guide. If you have any influence in the platform choice +for running this system, please choose GNU/Linux instead of Microsoft +Windows. _________________________________________________________________ 3.6.1. Win32 Installation: Step-by-step @@ -1943,6 +1843,7 @@ bash# cd $BUGZILLA_HOME; for i in `ls *.cgi`; \ source code and implementing some advanced utilities. What follows is the recommended installation procedure for Win32; additional suggestions are provided in Appendix A. + 1. Install Apache Web Server for Windows, and copy the Bugzilla files somewhere Apache can serve them. Please follow all the instructions referenced in Bugzilla Installation regarding your @@ -1964,22 +1865,36 @@ bash# cd $BUGZILLA_HOME; for i in `ls *.cgi`; \ Please also check the following links to fully understand the status of ActivePerl on Win32: Perl Porting, and Perl on Win32 FAQ 3. Use ppm from your perl\bin directory to install the following - packs: DBI, DBD-Mysql, TimeDate, Chart, Date-Calc, Date-Manip, and - GD. You may need to extract them from .zip format using Winzip or - other unzip program first. These additional ppm modules can be - downloaded from ActiveState. + packs: DBI, DBD-Mysql, TimeDate, Chart, Date-Calc, Date-Manip, GD, + AppConfig, and Template. You may need to extract them from .zip + format using Winzip or other unzip program first. Most of these + additional ppm modules can be downloaded from ActiveState, but + AppConfig and Template should be obtained from OpenInteract using + the instructions on the Template Toolkit web site. - Note + Note You can find a list of modules at - http://www.activestate.com/PPMPackages/zips/5xx-builds-only/ + http://www.activestate.com/PPMPackages/zips/5xx-builds-only/ or + http://www.activestate.com/PPMPackages/5.6plus The syntax for ppm is: C:> ppm <modulename> Example 3-3. Installing ActivePerl ppd Modules on Microsoft Windows C:>ppm DBD-Mysql Watch your capitalization! - You can find ActiveState ppm modules at - http://www.activestate.com/PPMPackages/5.6plus + ActiveState's 5.6Plus directory also contains an AppConfig ppm, so + you might see the following error when trying to install the + version at OpenInteract: + Error installing package 'AppConfig': Read a PPD for 'AppConfig', + but it is not intended for this build of Perl + (MSWin32-x86-multi-thread) + If so, download both the tarball and the ppd directly from + OpenInteract, then run ppm from within the same directory to which + you downloaded those files and install the package by referencing + the ppd file explicitly via in the install command, f.e.: + Example 3-4. Installing OpenInteract ppd Modules manually on + Microsoft Windows + install C:\AppConfig.ppd 4. Install MySQL for NT. Note @@ -2171,8 +2086,9 @@ binmode(STDOUT); According to bug 62000, the perl documentation says that you should always use binmode() when dealing with binary files, but never when dealing with text files. That seems to suggest that rather than - arbitrarily putting binmode() at the beginning of the attachment files, - there should be logic to determine if binmode() is needed or not. + arbitrarily putting binmode() at the beginning of the attachment + files, there should be logic to determine if binmode() is needed or + not. Tip @@ -2217,7 +2133,7 @@ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\ScriptMap Bugzilla 2.13 and later, which includes the current release, Bugzilla 2.14. - Example 3-4. Removing encrypt() for Windows NT Bugzilla version 2.12 + Example 3-5. Removing encrypt() for Windows NT Bugzilla version 2.12 or earlier Replace this: @@ -2235,84 +2151,83 @@ my $enteredcryptpwd = $enteredpwd 3.6.3. Bugzilla LDAP Integration - What follows is some late-breaking information on using the LDAP - authentication options with Bugzilla. The author has not tested these - (nor even formatted this section!) so please contribute feedback to - the newsgroup. - - Mozilla::LDAP module - The Mozilla::LDAP module allows you to use LDAP for authentication to - the Bugzilla system. This module is not required if you are not using - LDAP. - Mozilla::LDAP (aka PerLDAP) is available for download from - http://www.mozilla.org/directory. - NOTE: The Mozilla::LDAP module requires Netscape's Directory SDK. - Follow the link for "Directory SDK for C" on that same page to - download the SDK first. After you have installed this SDK, then - install the PerLDAP module. - ---------------------------------------------------------------------- - Post-Installation Checklist - ---------------------------------------------------------------------- - Set useLDAP to "On" **only** if you will be using an LDAP directory - for authentication. Be very careful when setting up this parameter; - if you set LDAP authentication, but do not have a valid LDAP directory - set up, you will not be able to log back in to Bugzilla once you log - out. (If this happens, you can get back in by manually editing the - data/params file, and setting useLDAP back to 0.) - If using LDAP, you must set the three additional parameters: - Set LDAPserver to the name (and optionally port) of your LDAP server. - If no port is specified, it defaults to the default port of 389. (e.g - "ldap.mycompany.com" or "ldap.mycompany.com:1234") - Set LDAPBaseDN to the base DN for searching for users in your LDAP - directory. (e.g. "ou=People,o=MyCompany") uids must be unique under - the DN specified here. - Set LDAPmailattribute to the name of the attribute in your LDAP - directory which contains the primary email address. On most directory - servers available, this is "mail", but you may need to change this. - ---------------------------------------------------------------------- - (Not sure where this bit should go, but it's important that it be in - there somewhere...) - ---------------------------------------------------------------------- - Using LDAP authentication for Bugzilla: - The existing authentication scheme for Bugzilla uses email addresses - as the primary user ID, and a password to authenticate that user. All - places within Bugzilla where you need to deal with user ID (e.g - assigning a bug) use the email address. - The LDAP authentication builds on top of this scheme, rather than - replacing it. The initial log in is done with a username and password - for the LDAP directory. This then fetches the email address from LDAP - and authenticates seamlessly in the standard Bugzilla authentication - scheme using this email address. If an account for this address - already exists in your Bugzilla system, it will log in to that - account. If no account for that email address exists, one is created - at the time of login. (In this case, Bugzilla will attempt to use the - "displayName" or "cn" attribute to determine the user's full name.) - After authentication, all other user-related tasks are still handled - by email address, not LDAP username. You still assign bugs by email - address, query on users by email address, etc. - ---------------------------------------------------------------------- +What follows is some late-breaking information on using the LDAP +authentication options with Bugzilla. The author has not tested these (nor +even formatted this section!) so please contribute feedback to the +newsgroup. + +Mozilla::LDAP module +The Mozilla::LDAP module allows you to use LDAP for authentication to +the Bugzilla system. This module is not required if you are not using +LDAP. +Mozilla::LDAP (aka PerLDAP) is available for download from +http://www.mozilla.org/directory. +NOTE: The Mozilla::LDAP module requires Netscape's Directory SDK. +Follow the link for "Directory SDK for C" on that same page to +download the SDK first. After you have installed this SDK, then +install the PerLDAP module. +---------------------------------------------------------------------- +Post-Installation Checklist +---------------------------------------------------------------------- +Set useLDAP to "On" **only** if you will be using an LDAP directory +for authentication. Be very careful when setting up this parameter; +if you set LDAP authentication, but do not have a valid LDAP directory +set up, you will not be able to log back in to Bugzilla once you log +out. (If this happens, you can get back in by manually editing the +data/params file, and setting useLDAP back to 0.) +If using LDAP, you must set the three additional parameters: +Set LDAPserver to the name (and optionally port) of your LDAP server. +If no port is specified, it defaults to the default port of 389. (e.g +"ldap.mycompany.com" or "ldap.mycompany.com:1234") +Set LDAPBaseDN to the base DN for searching for users in your LDAP +directory. (e.g. "ou=People,o=MyCompany") uids must be unique under +the DN specified here. +Set LDAPmailattribute to the name of the attribute in your LDAP +directory which contains the primary email address. On most directory +servers available, this is "mail", but you may need to change this. +---------------------------------------------------------------------- +(Not sure where this bit should go, but it's important that it be in +there somewhere...) +---------------------------------------------------------------------- +Using LDAP authentication for Bugzilla: +The existing authentication scheme for Bugzilla uses email addresses +as the primary user ID, and a password to authenticate that user. All +places within Bugzilla where you need to deal with user ID (e.g +assigning a bug) use the email address. +The LDAP authentication builds on top of this scheme, rather than +replacing it. The initial log in is done with a username and password +for the LDAP directory. This then fetches the email address from LDAP +and authenticates seamlessly in the standard Bugzilla authentication +scheme using this email address. If an account for this address +already exists in your Bugzilla system, it will log in to that +account. If no account for that email address exists, one is created +at the time of login. (In this case, Bugzilla will attempt to use the +"displayName" or "cn" attribute to determine the user's full name.) +After authentication, all other user-related tasks are still handled +by email address, not LDAP username. You still assign bugs by email +address, query on users by email address, etc. +---------------------------------------------------------------------- _________________________________________________________________ -Chapter 4. Administering Bugzilla +Chapter 4. Administering Bugzilla Or, I just got this cool thing installed. +Now what the heck do I do with it? - Or, I just got this cool thing installed. Now what the heck do I do - with it? - - So you followed "Bugzilla Installation" to the letter, and logged into - Bugzilla for the very first time with your super-duper god account. - You sit, contentedly staring at the Bugzilla Query Screen, the worst - of the whole mad business of installing this terrific program behind - you. It seems, though, you have nothing yet to query! Your first act - of business should be to setup the operating parameters for Bugzilla - so you can get busy getting data into your bug tracker. +So you followed "Bugzilla Installation" to the letter, and logged into +Bugzilla for the very first time with your super-duper god account. You sit, +contentedly staring at the Bugzilla Query Screen, the worst of the whole mad +business of installing this terrific program behind you. It seems, though, +you have nothing yet to query! Your first act of business should be to setup +the operating parameters for Bugzilla so you can get busy getting data into +your bug tracker. _________________________________________________________________ 4.1. Post-Installation Checklist - After installation, follow the checklist below to help ensure that you - have a successful installation. If you do not see a recommended - setting for a parameter, consider leaving it at the default while you - perform your initial tests on your Bugzilla setup. +After installation, follow the checklist below to help ensure that you have +a successful installation. If you do not see a recommended setting for a +parameter, consider leaving it at the default while you perform your initial +tests on your Bugzilla setup. + 1. Bring up editparams.cgi in your web browser. This should be available as the "edit parameters" link from any Bugzilla screen once you have logged in. @@ -2456,7 +2371,7 @@ Chapter 4. Administering Bugzilla restrictions on the bug; if the "watcher" would not normally be allowed to view a bug, the watcher cannot get around the system by setting herself up to watch the bugs of someone with bugs outside - her priveleges. She would still only receive email updates for + her privileges. She would still only receive email updates for those bugs she could normally view. For Bugzilla sites which require strong inter-Product security to prevent snooping, watchers are not a good idea. @@ -2469,17 +2384,17 @@ Chapter 4. Administering Bugzilla 4.2. User Administration - User administration is one of the easiest parts of Bugzilla. Keeping - it from getting out of hand, however, can become a challenge. +User administration is one of the easiest parts of Bugzilla. Keeping it from +getting out of hand, however, can become a challenge. _________________________________________________________________ 4.2.1. Creating the Default User - When you first run checksetup.pl after installing Bugzilla, it will - prompt you for the administrative username (email address) and - password for this "super user". If for some reason you were to delete - the "super user" account, re-running checksetup.pl will again prompt - you for this username and password. +When you first run checksetup.pl after installing Bugzilla, it will prompt +you for the administrative username (email address) and password for this +"super user". If for some reason you were to delete the "super user" +account, re-running checksetup.pl will again prompt you for this username +and password. Tip @@ -2509,9 +2424,9 @@ Chapter 4. Administering Bugzilla 4.2.2.2. Creating new users - Your users can create their own user accounts by clicking the "New - Account" link at the bottom of each page. However, should you desire - to create user accounts ahead of time, here is how you do it. +Your users can create their own user accounts by clicking the "New Account" +link at the bottom of each page. However, should you desire to create user +accounts ahead of time, here is how you do it. 1. After logging in, click the "Users" link at the footer of the query page. @@ -2546,12 +2461,11 @@ Chapter 4. Administering Bugzilla 4.2.2.3. Disabling Users - I bet you noticed that big "Disabled Text" entry box available from - the "Add New User" screen, when you edit an account? By entering any - text in this box and selecting "submit", you have prevented the user - from using Bugzilla via the web interface. Your explanation, written - in this text box, will be presented to the user the next time she - attempts to use the system. +I bet you noticed that big "Disabled Text" entry box available from the "Add +New User" screen, when you edit an account? By entering any text in this box +and selecting "submit", you have prevented the user from using Bugzilla via +the web interface. Your explanation, written in this text box, will be +presented to the user the next time she attempts to use the system. Warning @@ -2565,8 +2479,8 @@ Chapter 4. Administering Bugzilla 4.2.2.4. Modifying Users - Here I will attempt to describe the function of each option on the - Edit User screen. +Here I will attempt to describe the function of each option on the Edit User +screen. * Login Name: This is generally the user's email address. However, if you have edited your system parameters, this may just be the @@ -2646,7 +2560,7 @@ Chapter 4. Administering Bugzilla and then the feature goes unused. * Editusers: This flag allows a user do what you're doing right now: edit other users. This will allow those with the right to do so to - remove administrator priveleges from other users or grant them to + remove administrator privileges from other users or grant them to themselves. Enable with care. * PRODUCT: PRODUCT bugs access. This allows an administrator, with product-level granularity, to specify in which products a user can @@ -2659,29 +2573,26 @@ Chapter 4. Administering Bugzilla 4.3. Product, Component, Milestone, and Version Administration - + Dear Lord, we have to get our users to do WHAT? _________________________________________________________________ -4.3.1. Products - - Formerly, and in some spots still, called "Programs" +4.3.1. ProductsFormerly, and in some spots still, called "Programs" - Products are the broadest category in Bugzilla, and you should have - the least of these. If your company makes computer games, you should - have one product per game, and possibly a few special products - (website, meetings...) +Products are the broadest category in Bugzilla, and you should have the +least of these. If your company makes computer games, you should have one +product per game, and possibly a few special products (website, meetings...) - A Product (formerly called "Program", and still referred to that way - in some portions of the source code) controls some very important - functions. The number of "votes" available for users to vote for the - most important bugs is set per-product, as is the number of votes - required to move a bug automatically from the UNCONFIRMED status to - the NEW status. One can close a Product for further bug entry and - define various Versions available from the Edit product screen. +A Product (formerly called "Program", and still referred to that way in some +portions of the source code) controls some very important functions. The +number of "votes" available for users to vote for the most important bugs is +set per-product, as is the number of votes required to move a bug +automatically from the UNCONFIRMED status to the NEW status. One can close a +Product for further bug entry and define various Versions available from the +Edit product screen. - To create a new product: +To create a new product: 1. Select "components" from the yellow footer @@ -2705,7 +2616,7 @@ Chapter 4. Administering Bugzilla 4.3.2. Components - Components are subsections of a Product. +Components are subsections of a Product. Example 4-1. Creating some Components @@ -2715,24 +2626,24 @@ Chapter 4. Administering Bugzilla sense to divide Components in Bugzilla according to the natural divisions of responsibility within your Product or company. - Each component has a owner and (if you turned it on in the - parameters), a QA Contact. The owner should be the primary person who - fixes bugs in that component. The QA Contact should be the person who - will ensure these bugs are completely fixed. The Owner, QA Contact, - and Reporter will get email when new bugs are created in this - Component and when these bugs change. Default Owner and Default QA - Contact fields only dictate the default assignments; the Owner and QA - Contact fields in a bug are otherwise unrelated to the Component. +Each component has a owner and (if you turned it on in the parameters), a QA +Contact. The owner should be the primary person who fixes bugs in that +component. The QA Contact should be the person who will ensure these bugs +are completely fixed. The Owner, QA Contact, and Reporter will get email +when new bugs are created in this Component and when these bugs change. +Default Owner and Default QA Contact fields only dictate the default +assignments; the Owner and QA Contact fields in a bug are otherwise +unrelated to the Component. To create a new Component: 1. Select the "Edit components" link from the "Edit product" page - 2. Select the "Add" link to the right of the "Add a new component" + 2. Select the "Add" link to the right of the "Add a new component" text on the "Select Component" page. - 3. Fill out the "Component" field, a short "Description", and the - "Initial Owner". The Component and Description fields are - free-form; the "Initial Owner" field must be that of a user ID - already existing in the database. If the initial owner does not + 3. Fill out the "Component" field, a short "Description", and the + "Initial Owner". The Component and Description fields are + free-form; the "Initial Owner" field must be that of a user ID + already existing in the database. If the initial owner does not exist, Bugzilla will refuse to create the component. Tip @@ -2749,16 +2660,16 @@ Chapter 4. Administering Bugzilla and you can modify the product to use the Default Owner information you require. - 4. Either Edit more components or return to the Bugzilla Query Page. - To return to the Product you were editing, you must select the + 4. Either Edit more components or return to the Bugzilla Query Page. + To return to the Product you were editing, you must select the Components link as before. _________________________________________________________________ 4.3.3. Versions - Versions are the revisions of the product, such as "Flinders 3.1", - "Flinders 95", and "Flinders 2000". Using Versions helps you isolate - code changes and are an aid in reporting. +Versions are the revisions of the product, such as "Flinders 3.1", "Flinders +95", and "Flinders 2000". Using Versions helps you isolate code changes and +are an aid in reporting. Example 4-2. Common Use of Versions @@ -2772,63 +2683,63 @@ Chapter 4. Administering Bugzilla Example 4-3. A Different Use of Versions - This field has been used to good effect by an online service provider - in a slightly different way. They had three versions of the product: - "Production", "QA", and "Dev". Although it may be the same product, a - bug in the development environment is not normally as critical as a + This field has been used to good effect by an online service provider + in a slightly different way. They had three versions of the product: + "Production", "QA", and "Dev". Although it may be the same product, a + bug in the development environment is not normally as critical as a Production bug, nor does it need to be reported publicly. When used in - conjunction with Target Milestones, one can easily specify the - environment where a bug can be reproduced, and the Milestone by which + conjunction with Target Milestones, one can easily specify the + environment where a bug can be reproduced, and the Milestone by which it will be fixed. To create and edit Versions: 1. From the "Edit product" screen, select "Edit Versions" - 2. You will notice that the product already has the default version - "undefined". If your product doesn't use version numbers, you may - want to leave this as it is or edit it so that it is "---". You + 2. You will notice that the product already has the default version + "undefined". If your product doesn't use version numbers, you may + want to leave this as it is or edit it so that it is "---". You can then go back to the edit versions page and add new versions to your product. - Otherwise, click the "Add" button to the right of the "Add a new + Otherwise, click the "Add" button to the right of the "Add a new version" text. 3. Enter the name of the Version. This can be free-form characters up to the limit of the text box. Then select the "Add" button. - 4. At this point you can select "Edit" to edit more Versions, or - return to the "Query" page, from which you can navigate back to + 4. At this point you can select "Edit" to edit more Versions, or + return to the "Query" page, from which you can navigate back to the product through the "components" link at the foot of the Query page. _________________________________________________________________ 4.3.4. Milestones - Milestones are "targets" that you plan to get a bug fixed by. For - example, you have a bug that you plan to fix for your 3.0 release, it - would be assigned the milestone of 3.0. Or, you have a bug that you - plan to fix for 2.8, this would have a milestone of 2.8. +Milestones are "targets" that you plan to get a bug fixed by. For example, +you have a bug that you plan to fix for your 3.0 release, it would be +assigned the milestone of 3.0. Or, you have a bug that you plan to fix for +2.8, this would have a milestone of 2.8. Note Milestone options will only appear for a Product if you turned the "usetargetmilestone" field in the "Edit Parameters" screen "On". - To create new Milestones, set Default Milestones, and set Milestone + To create new Milestones, set Default Milestones, and set Milestone URL: 1. Select "edit milestones" 2. Select "Add" to the right of the "Add a new milestone" text - 3. Enter the name of the Milestone in the "Milestone" field. You can - optionally set the "Sortkey", which is a positive or negative - number (-255 to 255) that defines where in the list this + 3. Enter the name of the Milestone in the "Milestone" field. You can + optionally set the "Sortkey", which is a positive or negative + number (-255 to 255) that defines where in the list this particular milestone appears. Select "Add". Example 4-4. Using SortKey with Target Milestone Let's say you create a target milestone called "Release 1.0", with Sortkey set to "0". Later, you realize that you will have a public - beta, called "Beta1". You can create a Milestone called "Beta1", - with a Sortkey of "-1" in order to ensure people will see the + beta, called "Beta1". You can create a Milestone called "Beta1", + with a Sortkey of "-1" in order to ensure people will see the Target Milestone of "Beta1" earlier on the list than "Release 1.0" 4. If you want to add more milestones, select the "Edit" link. If you - don't, well shoot, you have to go back to the "query" page and - select "components" again, and make your way back to the Product + don't, well shoot, you have to go back to the "query" page and + select "components" again, and make your way back to the Product you were editing. Note @@ -2838,42 +2749,42 @@ Chapter 4. Administering Bugzilla of "edit the Product I was editing when I ended up here"? In any case, clicking "components" in the footer takes you back to the "Select product" screen, from which you can begin editing your product again. - 5. From the Edit product screen again (once you've made your way + 5. From the Edit product screen again (once you've made your way back), enter the URL for a description of what your milestones are for this product in the "Milestone URL" field. It should be of the format "http://www.foo.com/bugzilla/product_milestones.html" - Some common uses of this field include product descriptions, - product roadmaps, and of course a simple description of the + Some common uses of this field include product descriptions, + product roadmaps, and of course a simple description of the meaning of each milestone. - 6. If you're using Target Milestones, the "Default Milestone" field - must have some kind of entry. If you really don't care if people - set coherent Target Milestones, simply leave this at the default, - "---". However, controlling and regularly updating the Default - Milestone field is a powerful tool when reporting the status of + 6. If you're using Target Milestones, the "Default Milestone" field + must have some kind of entry. If you really don't care if people + set coherent Target Milestones, simply leave this at the default, + "---". However, controlling and regularly updating the Default + Milestone field is a powerful tool when reporting the status of projects. Select the "Update" button when you are done. _________________________________________________________________ 4.3.5. Voting - The concept of "voting" is a poorly understood, yet powerful feature - for the management of open-source projects. Each user is assigned so - many Votes per product, which they can freely reassign (or assign - multiple votes to a single bug). This allows developers to gauge user - need for a particular enhancement or bugfix. By allowing bugs with a - certain number of votes to automatically move from "UNCONFIRMED" to - "NEW", users of the bug system can help high-priority bugs garner - attention so they don't sit for a long time awaiting triage. - - The daunting challenge of Votes is deciding where you draw the line - for a "vocal majority". If you only have a user base of 100 users, - setting a low threshold for bugs to move from UNCONFIRMED to NEW makes - sense. As the Bugzilla user base expands, however, these thresholds - must be re-evaluated. You should gauge whether this feature is worth - the time and close monitoring involved, and perhaps forego - implementation until you have a critical mass of users who demand it. - - To modify Voting settings: +The concept of "voting" is a poorly understood, yet powerful feature for the +management of open-source projects. Each user is assigned so many Votes per +product, which they can freely reassign (or assign multiple votes to a +single bug). This allows developers to gauge user need for a particular +enhancement or bugfix. By allowing bugs with a certain number of votes to +automatically move from "UNCONFIRMED" to "NEW", users of the bug system can +help high-priority bugs garner attention so they don't sit for a long time +awaiting triage. + +The daunting challenge of Votes is deciding where you draw the line for a +"vocal majority". If you only have a user base of 100 users, setting a low +threshold for bugs to move from UNCONFIRMED to NEW makes sense. As the +Bugzilla user base expands, however, these thresholds must be re-evaluated. +You should gauge whether this feature is worth the time and close monitoring +involved, and perhaps forego implementation until you have a critical mass +of users who demand it. + +To modify Voting settings: 1. Navigate to the "Edit product" screen for the Product you wish to modify @@ -2903,10 +2814,9 @@ Chapter 4. Administering Bugzilla 4.3.6. Groups and Group Security - Groups can be very useful in bugzilla, because they allow users to - isolate bugs or products that should only be seen by certain people. - Groups can also be a complicated minefield of interdependencies and - weirdness if mismanaged. +Groups can be very useful in bugzilla, because they allow users to isolate +bugs or products that should only be seen by certain people. Groups can also +be a complicated minefield of interdependencies and weirdness if mismanaged. Example 4-5. When to Use Group Security @@ -2920,12 +2830,11 @@ Chapter 4. Administering Bugzilla change the Group mask on individual bugs to restrict access to members only of certain Groups. - Groups only work if you enable the "usebuggroups" paramater. In - addition, if the "usebuggroupsentry" parameter is "On", one can - restrict access to products by groups, so that only members of a - product group are able to view bugs within that product. Group - security in Bugzilla can be divided into two categories: Generic and - Product-Based. +Groups only work if you enable the "usebuggroups" paramater. In addition, if +the "usebuggroupsentry" parameter is "On", one can restrict access to +products by groups, so that only members of a product group are able to view +bugs within that product. Group security in Bugzilla can be divided into two +categories: Generic and Product-Based. Note @@ -2958,18 +2867,18 @@ Chapter 4. Administering Bugzilla 1. Turn "On" "usebuggroups" in the "Edit Parameters" screen. 2. You will generally have no groups set up. Select the "groups" link in the footer. - 3. Take a moment to understand the instructions on the "Edit Groups" + 3. Take a moment to understand the instructions on the "Edit Groups" screen. Once you feel confident you understand what is expected of you, select the "Add Group" link. 4. Fill out the "New Name" (remember, no spaces!), "New Description", - and "New User RegExp" fields. "New User RegExp" allows you to - automatically place all users who fulfill the Regular Expression + and "New User RegExp" fields. "New User RegExp" allows you to + automatically place all users who fulfill the Regular Expression into the new group. Example 4-6. Creating a New Group - I created a group called DefaultGroup with a description of "This - is simply a group to play with", and a New User RegExp of - ".*@mydomain.tld". This new group automatically includes all - Bugzilla users with "@mydomain.tld" at the end of their user id. + I created a group called DefaultGroup with a description of "This + is simply a group to play with", and a New User RegExp of + ".*@mydomain.tld". This new group automatically includes all + Bugzilla users with "@mydomain.tld" at the end of their user id. When I finished, my new group was assigned bit #128. When you have finished, select the Add button. @@ -2984,7 +2893,7 @@ Chapter 4. Administering Bugzilla multiple Bugzillas or using Generic Group Security instead of Product-Based ("usebuggroupsentry") Group Security. - 1. Turn "On" "usebuggroups" and "usebuggroupsentry" in the "Edit + 1. Turn "On" "usebuggroups" and "usebuggroupsentry" in the "Edit Parameters" screen. Warning @@ -2996,12 +2905,12 @@ Chapter 4. Administering Bugzilla only. In other words, manage bugs with an unpriveleged user account, and manage users, groups, Products, etc. with the administrative account. - 2. You will generally have no Groups set up, unless you enabled - "usebuggroupsentry" prior to creating any Products. To create - "Generic Group Security" groups, follow the instructions given - above. To create Product-Based Group security, simply follow the - instructions for creating a new Product. If you need to add users - to these new groups as you create them, you will find the option + 2. You will generally have no Groups set up, unless you enabled + "usebuggroupsentry" prior to creating any Products. To create + "Generic Group Security" groups, follow the instructions given + above. To create Product-Based Group security, simply follow the + instructions for creating a new Product. If you need to add users + to these new groups as you create them, you will find the option to add them to the group available under the "Edit User" screens. You may find this example illustrative for how bug groups work. @@ -3076,7 +2985,7 @@ Chapter 4. Administering Bugzilla because he is not in Group3. Bug7 can be seen by anyone who is in Group1, Group2, and Group3. This is only User4. All of the others are missing at least one of those - group priveleges, and thus cannot see the bug. + group privileges, and thus cannot see the bug. Bug8 can be seen by anyone who is in Group1, Group2, Group3, and Group4. There is nobody in all four of these groups, so nobody can see Bug8. It doesn't matter that User4 is in Group1, Group2, and @@ -3108,23 +3017,23 @@ Chapter 4. Administering Bugzilla of these directions for specific platforms, please submit them to mozilla-webtools@mozilla.org - 1. Ensure you are running at least MysQL version 3.22.32 or newer. - Earlier versions had notable security holes and poorly secured + 1. Ensure you are running at least MysQL version 3.22.32 or newer. + Earlier versions had notable security holes and poorly secured default configuration choices. 2. There is no substitute for understanding the tools on your system! - Read The MySQL Privilege System until you can recite it from + Read The MySQL Privilege System until you can recite it from memory! At the very least, ensure you password the "mysql -u root" account - and the "bugs" account, establish grant table rights (consult the - Keystone guide in Appendix C: The Bugzilla Database for some - easy-to-use details) that do not allow CREATE, DROP, RELOAD, - SHUTDOWN, and PROCESS for user "bugs". I wrote up the Keystone + and the "bugs" account, establish grant table rights (consult the + Keystone guide in Appendix C: The Bugzilla Database for some + easy-to-use details) that do not allow CREATE, DROP, RELOAD, + SHUTDOWN, and PROCESS for user "bugs". I wrote up the Keystone advice back when I knew far less about security than I do now : ) - 3. Lock down /etc/inetd.conf. Heck, disable inet entirely on this + 3. Lock down /etc/inetd.conf. Heck, disable inet entirely on this box. It should only listen to port 25 for Sendmail and port 80 for Apache. - 4. Do not run Apache as "nobody". This will require very lax - permissions in your Bugzilla directories. Run it, instead, as a + 4. Do not run Apache as "nobody". This will require very lax + permissions in your Bugzilla directories. Run it, instead, as a user with a name, set via your httpd.conf file. Note @@ -3135,17 +3044,17 @@ Chapter 4. Administering Bugzilla recommend you create unique user ID's for each daemon running on your system and, if possible, use "chroot" to jail that process away from the rest of your system. - 5. Ensure you have adequate access controls for the - $BUGZILLA_HOME/data/ and $BUGZILLA_HOME/shadow/ directories, as + 5. Ensure you have adequate access controls for the + $BUGZILLA_HOME/data/ and $BUGZILLA_HOME/shadow/ directories, as well as the $BUGZILLA_HOME/localconfig and - $BUGZILLA_HOME/globals.pl files. The localconfig file stores your + $BUGZILLA_HOME/globals.pl files. The localconfig file stores your "bugs" user password, which would be terrible to have in the hands - of a criminal, while the "globals.pl" stores some default - information regarding your installation which could aid a system - cracker. In addition, some files under $BUGZILLA_HOME/data/ store - sensitive information, and $BUGZILLA_HOME/shadow/ stores bug - information for faster retrieval. If you fail to secure these - directories and this file, you will expose bug information to + of a criminal, while the "globals.pl" stores some default + information regarding your installation which could aid a system + cracker. In addition, some files under $BUGZILLA_HOME/data/ store + sensitive information, and $BUGZILLA_HOME/shadow/ stores bug + information for faster retrieval. If you fail to secure these + directories and this file, you will expose bug information to those who may not be allowed to see it. Note @@ -3165,23 +3074,23 @@ Chapter 4. Administering Bugzilla properly and you must fix this problem before deploying Bugzilla. If, however, it gives you a "Forbidden" error, then it probably respects the .htaccess conventions and you are good to go. - On Apache, you can use .htaccess files to protect access to these - directories, as outlined in Bug 57161 for the localconfig file, - and Bug 65572 for adequate protection in your data/ and shadow/ + On Apache, you can use .htaccess files to protect access to these + directories, as outlined in Bug 57161 for the localconfig file, + and Bug 65572 for adequate protection in your data/ and shadow/ directories. Note the instructions which follow are Apache-specific. If you use - IIS, Netscape, or other non-Apache web servers, please consult + IIS, Netscape, or other non-Apache web servers, please consult your system documentation for how to secure these files from being transmitted to curious users. - Place the following text into a file named ".htaccess", readable + Place the following text into a file named ".htaccess", readable by your web server, in your $BUGZILLA_HOME/data directory. <Files comments> allow from all </Files> deny from all - Place the following text into a file named ".htaccess", readable + Place the following text into a file named ".htaccess", readable by your web server, in your $BUGZILLA_HOME/ directory. <Files localconfig> deny from all </Files> allow from all - Place the following text into a file named ".htaccess", readable + Place the following text into a file named ".htaccess", readable by your web server, in your $BUGZILLA_HOME/shadow directory. deny from all _________________________________________________________________ @@ -3190,64 +3099,63 @@ Chapter 5. Integrating Bugzilla with Third-Party Tools 5.1. Bonsai - Bonsai is a web-based tool for managing CVS, the Concurrent Versioning - System . Using Bonsai, administrators can control open/closed status - of trees, query a fast relational database back-end for change, - branch, and comment information, and view changes made since the last - time the tree was closed. These kinds of changes cause the engineer - responsible to be "on the hook" (include cool URL link here for Hook - policies at mozilla.org). Bonsai also includes gateways to Tinderbox, - the Mozilla automated build management system and Bugzilla +Bonsai is a web-based tool for managing CVS, the Concurrent Versioning +System . Using Bonsai, administrators can control open/closed status of +trees, query a fast relational database back-end for change, branch, and +comment information, and view changes made since the last time the tree was +closed. These kinds of changes cause the engineer responsible to be "on the +hook" (include cool URL link here for Hook policies at mozilla.org). Bonsai +also includes gateways to Tinderbox, the Mozilla automated build management +system and Bugzilla _________________________________________________________________ 5.2. CVS - CVS integration is best accomplished, at this point, using the - Bugzilla Email Gateway. There have been some files submitted to allow - greater CVS integration, but we need to make certain that Bugzilla is - not tied into one particular software management package. - - Follow the instructions in the FAQ for enabling Bugzilla e-mail - integration. Ensure that your check-in script sends an email to your - Bugzilla e-mail gateway with the subject of "[Bug XXXX]", and you can - have CVS check-in comments append to your Bugzilla bug. If you have - your check-in script include an @resolution field, you can even change - the Bugzilla bug state. - - There is also a project, based upon somewhat dated Bugzilla code, to - integrate CVS and Bugzilla through CVS' ability to email. Check it out - at: http://homepages.kcbbs.gen.nz/~tonyg/, under the "cvszilla" link. +CVS integration is best accomplished, at this point, using the Bugzilla +Email Gateway. There have been some files submitted to allow greater CVS +integration, but we need to make certain that Bugzilla is not tied into one +particular software management package. + +Follow the instructions in the FAQ for enabling Bugzilla e-mail integration. +Ensure that your check-in script sends an email to your Bugzilla e-mail +gateway with the subject of "[Bug XXXX]", and you can have CVS check-in +comments append to your Bugzilla bug. If you have your check-in script +include an @resolution field, you can even change the Bugzilla bug state. + +There is also a project, based upon somewhat dated Bugzilla code, to +integrate CVS and Bugzilla through CVS' ability to email. Check it out at: +http://homepages.kcbbs.gen.nz/~tonyg/, under the "cvszilla" link. _________________________________________________________________ 5.3. Perforce SCM - You can find the project page for Bugzilla and Teamtrack Perforce - integration (p4dti) at: http://www.ravenbrook.com/project/p4dti . - "p4dti" is now an officially supported product from Perforce, and you - can find the "Perforce Public Depot" p4dti page at - http://public.perforce.com/public/perforce/p4dti/index.html. - - Integration of Perforce with Bugzilla, once patches are applied, is - seamless. Perforce replication information will appear below the - comments of each bug. Be certain you have a matching set of patches - for the Bugzilla version you are installing. p4dti is designed to - support multiple defect trackers, and maintains its own documentation - for it. Please consult the pages linked above for further information. +You can find the project page for Bugzilla and Teamtrack Perforce +integration (p4dti) at: http://www.ravenbrook.com/project/p4dti . "p4dti" is +now an officially supported product from Perforce, and you can find the +"Perforce Public Depot" p4dti page at +http://public.perforce.com/public/perforce/p4dti/index.html. + +Integration of Perforce with Bugzilla, once patches are applied, is +seamless. Perforce replication information will appear below the comments of +each bug. Be certain you have a matching set of patches for the Bugzilla +version you are installing. p4dti is designed to support multiple defect +trackers, and maintains its own documentation for it. Please consult the +pages linked above for further information. _________________________________________________________________ 5.4. Tinderbox/Tinderbox2 - We need Tinderbox integration information. +We need Tinderbox integration information. _________________________________________________________________ Chapter 6. The Future of Bugzilla - Bugzilla's Future. Much of this is the present, now. +Bugzilla's Future. Much of this is the present, now. - Bugzilla's future is a constantly-changing thing, as various + Bugzilla's future is a constantly-changing thing, as various developers "scratch an itch" when it comes to functionality. Thus this - section is very malleable, subject to change without notice, etc. - You'll probably also notice the lack of formatting. I apologize that + section is very malleable, subject to change without notice, etc. + You'll probably also notice the lack of formatting. I apologize that it's not quite as readable as the rest of the Guide. Bugzilla Blue Sky @@ -3839,70 +3747,68 @@ Chapter 6. The Future of Bugzilla Chapter 7. Bugzilla Variants and Competitors - I created this section to answer questions about Bugzilla competitors - and variants, then found a wonderful site which covers an awful lot of - what I wanted to discuss. Rather than quote it in its entirety, I'll - simply refer you here: http://linas.org/linux/pm.html +I created this section to answer questions about Bugzilla competitors and +variants, then found a wonderful site which covers an awful lot of what I +wanted to discuss. Rather than quote it in its entirety, I'll simply refer +you here: http://linas.org/linux/pm.html _________________________________________________________________ 7.1. Red Hat Bugzilla - Red Hat Bugzilla is probably the most popular Bugzilla variant on the - planet. One of the major benefits of Red Hat Bugzilla is the ability - to work with Oracle, MySQL, and PostGreSQL databases serving as the - back-end, instead of just MySQL. Dave Lawrence has worked very hard to - keep Red Hat Bugzilla up-to-date, and many people prefer the - snappier-looking page layout of Red Hat Bugzilla to the default - Mozilla-standard formatting. +Red Hat Bugzilla is probably the most popular Bugzilla variant on the +planet. One of the major benefits of Red Hat Bugzilla is the ability to work +with Oracle, MySQL, and PostGreSQL databases serving as the back-end, +instead of just MySQL. Dave Lawrence has worked very hard to keep Red Hat +Bugzilla up-to-date, and many people prefer the snappier-looking page layout +of Red Hat Bugzilla to the default Mozilla-standard formatting. - URL: http://bugzilla.redhat.com/bugzilla/ +URL: http://bugzilla.redhat.com/bugzilla/ _________________________________________________________________ 7.2. Loki Bugzilla (Fenris) - Fenris can be found at http://fenris.lokigames.com. It is a fork from - Bugzilla. +Fenris can be found at http://fenris.lokigames.com. It is a fork from +Bugzilla. _________________________________________________________________ 7.3. Issuezilla - Issuezilla is another fork from Bugzilla, and seems nearly as popular - as the Red Hat Bugzilla fork. Some Issuezilla team members are regular - contributors to the Bugzilla mailing list/newsgroup. Issuezilla is not - the primary focus of bug-tracking at tigris.org, however. Their - Java-based bug-tracker, Scarab, a newfangled Java-based issue tracker, - is under heavy development and looks promising! +Issuezilla is another fork from Bugzilla, and seems nearly as popular as the +Red Hat Bugzilla fork. Some Issuezilla team members are regular contributors +to the Bugzilla mailing list/newsgroup. Issuezilla is not the primary focus +of bug-tracking at tigris.org, however. Their Java-based bug-tracker, +Scarab, a newfangled Java-based issue tracker, is under heavy development +and looks promising! - URL: http://issuezilla.tigris.org/servlets/ProjectHome +URL: http://issuezilla.tigris.org/servlets/ProjectHome _________________________________________________________________ 7.4. Scarab - Scarab is a promising new bug-tracking system built using Java Serlet - technology. As of this writing, no source code has been released as a - package, but you can obtain the code from CVS. +Scarab is a promising new bug-tracking system built using Java Serlet +technology. As of this writing, no source code has been released as a +package, but you can obtain the code from CVS. - URL: http://scarab.tigris.org +URL: http://scarab.tigris.org _________________________________________________________________ 7.5. Perforce SCM - Although Perforce isn't really a bug tracker, it can be used as such - through the "jobs" functionality. +Although Perforce isn't really a bug tracker, it can be used as such through +the "jobs" functionality. - http://www.perforce.com/perforce/technotes/note052.htmlhttp://www.perf - orce.com/perforce/technotes/note052.html +http://www.perforce.com/perforce/technotes/note052.htmlhttp://www.perforce.c +om/perforce/technotes/note052.html _________________________________________________________________ 7.6. SourceForge - SourceForge is more of a way of coordinating geographically - distributed free software and open source projects over the Internet - than strictly a bug tracker, but if you're hunting for bug-tracking - for your open project, it may be just what the software engineer - ordered! +SourceForge is more of a way of coordinating geographically distributed free +software and open source projects over the Internet than strictly a bug +tracker, but if you're hunting for bug-tracking for your open project, it +may be just what the software engineer ordered! - URL: http://www.sourceforge.net +URL: http://www.sourceforge.net _________________________________________________________________ Appendix A. The Bugzilla FAQ @@ -5170,38 +5076,35 @@ if ($::FORM{sub} eq 'PutFooter') { Appendix B. Software Download Links - All of these sites are current as of April, 2001. Hopefully they'll - stay current for a while. +All of these sites are current as of April, 2001. Hopefully they'll stay +current for a while. - Apache Web Server: http://www.apache.org Optional web server for - Bugzilla, but recommended because of broad user base and support. +Apache Web Server: http://www.apache.org Optional web server for Bugzilla, +but recommended because of broad user base and support. - Bugzilla: http://www.mozilla.org/projects/bugzilla/ +Bugzilla: http://www.mozilla.org/projects/bugzilla/ - MySQL: http://www.mysql.com/ +MySQL: http://www.mysql.com/ - Perl: http://www.perl.org/ +Perl: http://www.perl.org/ - CPAN: http://www.cpan.org/ +CPAN: http://www.cpan.org/ - DBI Perl module: http://www.cpan.org/modules/by-module/DBI/ +DBI Perl module: http://www.cpan.org/modules/by-module/DBI/ - Data::Dumper module: http://www.cpan.org/modules/by-module/Data/ +Data::Dumper module: http://www.cpan.org/modules/by-module/Data/ - MySQL related Perl modules: - http://www.cpan.org/modules/by-module/Mysql/ +MySQL related Perl modules: http://www.cpan.org/modules/by-module/Mysql/ - TimeDate Perl module collection: - http://www.cpan.org/modules/by-module/Date/ +TimeDate Perl module collection: http://www.cpan.org/modules/by-module/Date/ - GD Perl module: http://www.cpan.org/modules/by-module/GD/ Alternately, - you should be able to find the latest version of GD at - http://www.boutell.com/gd/ +GD Perl module: http://www.cpan.org/modules/by-module/GD/ Alternately, you +should be able to find the latest version of GD at +http://www.boutell.com/gd/ - Chart::Base module: http://www.cpan.org/modules/by-module/Chart/ +Chart::Base module: http://www.cpan.org/modules/by-module/Chart/ - LinuxDoc Software: http://www.linuxdoc.org/ (for documentation - maintenance) +LinuxDoc Software: http://www.linuxdoc.org/ (for documentation maintenance) _________________________________________________________________ Appendix C. The Bugzilla Database @@ -5215,77 +5118,74 @@ Appendix C. The Bugzilla Database C.1. Database Schema Chart - Database Relationships + [dbschema.jpg] Bugzilla database relationships chart _________________________________________________________________ C.2. MySQL Bugzilla Database Introduction - This information comes straight from my life. I was forced to learn - how Bugzilla organizes database because of nitpicky requests from - users for tiny changes in wording, rather than having people - re-educate themselves or figure out how to work our procedures around - the tool. It sucks, but it can and will happen to you, so learn how - the schema works and deal with it when it comes. - - So, here you are with your brand-new installation of Bugzilla. You've - got MySQL set up, Apache working right, Perl DBI and DBD talking to - the database flawlessly. Maybe you've even entered a few test bugs to - make sure email's working; people seem to be notified of new bugs and - changes, and you can enter and edit bugs to your heart's content. - Perhaps you've gone through the trouble of setting up a gateway for - people to submit bugs to your database via email, have had a few - people test it, and received rave reviews from your beta testers. - - What's the next thing you do? Outline a training strategy for your - development team, of course, and bring them up to speed on the new - tool you've labored over for hours. - - Your first training session starts off very well! You have a captive - audience which seems enraptured by the efficiency embodied in this - thing called "Bugzilla". You are caught up describing the nifty - features, how people can save favorite queries in the database, set - them up as headers and footers on their pages, customize their - layouts, generate reports, track status with greater efficiency than - ever before, leap tall buildings with a single bound and rescue Jane - from the clutches of Certain Death! - - But Certain Death speaks up -- a tiny voice, from the dark corners of - the conference room. "I have a concern," the voice hisses from the - darkness, "about the use of the word 'verified'. - - The room, previously filled with happy chatter, lapses into - reverential silence as Certain Death (better known as the Vice - President of Software Engineering) continues. "You see, for two years - we've used the word 'verified' to indicate that a developer or quality - assurance engineer has confirmed that, in fact, a bug is valid. I - don't want to lose two years of training to a new software product. - You need to change the bug status of 'verified' to 'approved' as soon - as possible. To avoid confusion, of course." - - Oh no! Terror strikes your heart, as you find yourself mumbling "yes, - yes, I don't think that would be a problem," You review the changes - with Certain Death, and continue to jabber on, "no, it's not too big a - change. I mean, we have the source code, right? You know, 'Use the - Source, Luke' and all that... no problem," All the while you quiver - inside like a beached jellyfish bubbling, burbling, and boiling on a - hot Jamaican sand dune... - - Thus begins your adventure into the heart of Bugzilla. You've been - forced to learn about non-portable enum() fields, varchar columns, and - tinyint definitions. The Adventure Awaits You! +This information comes straight from my life. I was forced to learn how +Bugzilla organizes database because of nitpicky requests from users for tiny +changes in wording, rather than having people re-educate themselves or +figure out how to work our procedures around the tool. It sucks, but it can +and will happen to you, so learn how the schema works and deal with it when +it comes. + +So, here you are with your brand-new installation of Bugzilla. You've got +MySQL set up, Apache working right, Perl DBI and DBD talking to the database +flawlessly. Maybe you've even entered a few test bugs to make sure email's +working; people seem to be notified of new bugs and changes, and you can +enter and edit bugs to your heart's content. Perhaps you've gone through the +trouble of setting up a gateway for people to submit bugs to your database +via email, have had a few people test it, and received rave reviews from +your beta testers. + +What's the next thing you do? Outline a training strategy for your +development team, of course, and bring them up to speed on the new tool +you've labored over for hours. + +Your first training session starts off very well! You have a captive +audience which seems enraptured by the efficiency embodied in this thing +called "Bugzilla". You are caught up describing the nifty features, how +people can save favorite queries in the database, set them up as headers and +footers on their pages, customize their layouts, generate reports, track +status with greater efficiency than ever before, leap tall buildings with a +single bound and rescue Jane from the clutches of Certain Death! + +But Certain Death speaks up -- a tiny voice, from the dark corners of the +conference room. "I have a concern," the voice hisses from the darkness, +"about the use of the word 'verified'. + +The room, previously filled with happy chatter, lapses into reverential +silence as Certain Death (better known as the Vice President of Software +Engineering) continues. "You see, for two years we've used the word +'verified' to indicate that a developer or quality assurance engineer has +confirmed that, in fact, a bug is valid. I don't want to lose two years of +training to a new software product. You need to change the bug status of +'verified' to 'approved' as soon as possible. To avoid confusion, of +course." + +Oh no! Terror strikes your heart, as you find yourself mumbling "yes, yes, I +don't think that would be a problem," You review the changes with Certain +Death, and continue to jabber on, "no, it's not too big a change. I mean, we +have the source code, right? You know, 'Use the Source, Luke' and all +that... no problem," All the while you quiver inside like a beached +jellyfish bubbling, burbling, and boiling on a hot Jamaican sand dune... + +Thus begins your adventure into the heart of Bugzilla. You've been forced to +learn about non-portable enum() fields, varchar columns, and tinyint +definitions. The Adventure Awaits You! _________________________________________________________________ C.2.1. Bugzilla Database Basics - If you were like me, at this point you're totally clueless about the - internals of MySQL, and if it weren't for this executive order from - the Vice President you couldn't care less about the difference between - a "bigint" and a "tinyint" entry in MySQL. I recommend you refer to - the MySQL documentation, available at MySQL.com. Below are the basics - you need to know about the Bugzilla database. Check the chart above - for more details. +If you were like me, at this point you're totally clueless about the +internals of MySQL, and if it weren't for this executive order from the Vice +President you couldn't care less about the difference between a "bigint" and +a "tinyint" entry in MySQL. I recommend you refer to the MySQL +documentation, available at MySQL.com. Below are the basics you need to know +about the Bugzilla database. Check the chart above for more details. 1. To connect to your database: bash#mysql-u root @@ -5310,17 +5210,18 @@ C.2.1. Bugzilla Database Basics C.2.1.1. Bugzilla Database Tables - Imagine your MySQL database as a series of spreadsheets, and you won't - be too far off. If you use this command: +Imagine your MySQL database as a series of spreadsheets, and you won't be +too far off. If you use this command: + +mysql>show tables from bugs; - mysql>show tables from bugs; +you'll be able to see all the "spreadsheets" (tables) in your database. It +is similar to a file system, only faster and more robust for certain types +of operations. - you'll be able to see all the "spreadsheets" (tables) in your - database. It is similar to a file system, only faster and more robust - for certain types of operations. +From the command issued above, ou should have some output that looks like +this: - From the command issued above, ou should have some output that looks - like this: +-------------------+ | Tables in bugs | +-------------------+ @@ -5674,7 +5575,7 @@ C.3. MySQL Permissions & Grant Tables IDENTIFIED BY '(password)' WITH GRANT OPTION; OR - mysql> GRANT ALL PRIVELEGES + mysql> GRANT ALL PRIVILEGES ON keystone.* TO <$sys_dbuser name>@localhost IDENTIFIED BY '(password)' @@ -5749,14 +5650,14 @@ C.3. MySQL Permissions & Grant Tables Appendix D. Useful Patches and Utilities for Bugzilla - Are you looking for a way to put your Bugzilla into overdrive? Catch - some of the niftiest tricks here in this section. +Are you looking for a way to put your Bugzilla into overdrive? Catch some of +the niftiest tricks here in this section. _________________________________________________________________ D.1. Apache mod_rewrite magic - Apache's mod_rewrite module lets you do some truly amazing things with - URL rewriting. Here are a couple of examples of what you can do. +Apache's mod_rewrite module lets you do some truly amazing things with URL +rewriting. Here are a couple of examples of what you can do. 1. Make it so if someone types http://www.foo.com/12345, Bugzilla spits back http://www.foo.com/show_bug.cgi?id=12345. Try setting @@ -5775,10 +5676,10 @@ RewriteRule ^/([0-9]+)$ http://foo.bar.com/show_bug.cgi?id=$1 [L,R] D.2. The setperl.csh Utility - You can use the "setperl.csh" utility to quickly and easily change the - path to perl on all your Bugzilla files. This is a C-shell script; if - you do not have "csh" or "tcsh" in the search path on your system, it - will not work! +You can use the "setperl.csh" utility to quickly and easily change the path +to perl on all your Bugzilla files. This is a C-shell script; if you do not +have "csh" or "tcsh" in the search path on your system, it will not work! + 1. Download the "setperl.csh" utility to your Bugzilla directory and make it executable. a. bash# cd /your/path/to/bugzilla @@ -5798,34 +5699,34 @@ D.2. The setperl.csh Utility D.3. Command-line Bugzilla Queries - Users can query Bugzilla from the command line using this suite of - utilities. - - The query.conf file contains the mapping from options to field names - and comparison types. Quoted option names are "grepped" for, so it - should be easy to edit this file. Comments (#) have no effect; you - must make sure these lines do not contain any quoted "option" - - buglist is a shell script which submits a Bugzilla query and writes - the resulting HTML page to stdout. It supports both short options, - (such as "-Afoo" or "-Rbar") and long options (such as - "--assignedto=foo" or "--reporter=bar"). If the first character of an - option is not "-", it is treated as if it were prefixed with - "--default=". - - The columlist is taken from the COLUMNLIST environment variable. This - is equivalent to the "Change Columns" option when you list bugs in - buglist.cgi. If you have already used Bugzilla, use grep COLUMLIST - ~/.netscape/cookies to see your current COLUMNLIST setting. - - bugs is a simple shell script which calls buglist and extracts the bug - numbers from the output. Adding the prefix - "http://bugzilla.mozilla.org/buglist.cgi?bug_id=" turns the bug list - into a working link if any bugs are found. Counting bugs is easy. Pipe - the results through sed -e 's/,/ /g' | wc | awk '{printf $2 "\n"}' - - Akkana says she has good results piping buglist output through w3m -T - text/html -dump +Users can query Bugzilla from the command line using this suite of +utilities. + +The query.conf file contains the mapping from options to field names and +comparison types. Quoted option names are "grepped" for, so it should be +easy to edit this file. Comments (#) have no effect; you must make sure +these lines do not contain any quoted "option" + +buglist is a shell script which submits a Bugzilla query and writes the +resulting HTML page to stdout. It supports both short options, (such as +"-Afoo" or "-Rbar") and long options (such as "--assignedto=foo" or +"--reporter=bar"). If the first character of an option is not "-", it is +treated as if it were prefixed with "--default=". + +The columlist is taken from the COLUMNLIST environment variable. This is +equivalent to the "Change Columns" option when you list bugs in buglist.cgi. +If you have already used Bugzilla, use grep COLUMLIST ~/.netscape/cookies to +see your current COLUMNLIST setting. + +bugs is a simple shell script which calls buglist and extracts the bug +numbers from the output. Adding the prefix +"http://bugzilla.mozilla.org/buglist.cgi?bug_id=" turns the bug list into a +working link if any bugs are found. Counting bugs is easy. Pipe the results +through sed -e 's/,/ /g' | wc | awk '{printf $2 "\n"}' + +Akkana says she has good results piping buglist output through w3m -T +text/html -dump + 1. Download three files: a. bash$ wget -O query.conf 'http://bugzilla.mozilla.org/showattachment.cgi?attach_id=261 @@ -5841,42 +5742,37 @@ D.3. Command-line Bugzilla Queries D.4. The Quicksearch Utility - Quicksearch is a new, experimental feature of the 2.12 release. It - consist of two Javascript files, "quicksearch.js" and - "localconfig.js", and two documentation files, "quicksearch.html" and - "quicksearchhack.html" +Quicksearch is a new, experimental feature of the 2.12 release. It consist +of two Javascript files, "quicksearch.js" and "localconfig.js", and two +documentation files, "quicksearch.html" and "quicksearchhack.html" - The index.html page has been updated to include the QuickSearch text - box. +The index.html page has been updated to include the QuickSearch text box. - To take full advantage of the query power, the Bugzilla maintainer - must edit "localconfig.js" according to the value sets used in the - local installation. +To take full advantage of the query power, the Bugzilla maintainer must edit +"localconfig.js" according to the value sets used in the local installation. - Currently, keywords must be hard-coded in localconfig.js. If they are - not, keywords are not automatically recognized. This means, if - localconfig.js is left unconfigured, that searching for a bug with the - "foo" keyword will only find bugs with "foo" in the summary, status - whiteboard, product or component name, but not those with the keyword - "foo". +Currently, keywords must be hard-coded in localconfig.js. If they are not, +keywords are not automatically recognized. This means, if localconfig.js is +left unconfigured, that searching for a bug with the "foo" keyword will only +find bugs with "foo" in the summary, status whiteboard, product or component +name, but not those with the keyword "foo". - Workarounds for Bugzilla users: +Workarounds for Bugzilla users: - search for '!foo' (this will find only bugs with the keyword "foo" - search 'foo,!foo' (equivalent to 'foo OR keyword:foo') +search for '!foo' (this will find only bugs with the keyword "foo" +search 'foo,!foo' (equivalent to 'foo OR keyword:foo') - When this tool is ported from client-side JavaScript to server-side - Perl, the requirement for hard-coding keywords can be fixed. This bug + When this tool is ported from client-side JavaScript to server-side + Perl, the requirement for hard-coding keywords can be fixed. This bug has details. _________________________________________________________________ D.5. Hacking Bugzilla - The following is a guide for reviewers when checking code into - Bugzilla's CVS repostory at mozilla.org. If you wish to submit patches - to Bugzilla, you should follow the rules and style conventions below. - Any code that does not adhere to these basic rules will not be added - to Bugzilla's codebase. +The following is a guide for reviewers when checking code into Bugzilla's +CVS repostory at mozilla.org. If you wish to submit patches to Bugzilla, you +should follow the rules and style conventions below. Any code that does not +adhere to these basic rules will not be added to Bugzilla's codebase. _________________________________________________________________ D.5.1. Things that have caused problems and should be avoided @@ -5903,22 +5799,20 @@ grep (/$value/, @array); D.5.2. Coding Style for Bugzilla - While it's true that not all of the code currently in Bugzilla adheres - to this (or any) styleguide, it is something that is being worked - toward. Therefore, we ask that all new code (submitted patches and new - files) follow this guide as closely as possible (if you're only - changing 1 or 2 lines, you don't have to reformat the entire file :). - - The Bugzilla development team has decided to adopt the perl style - guide as published by Larry Wall. This giude can be found in - "Programming Perl" (the camel book) or by typing man perlstyle at your - favorite shell prompt. - - What appears below if a brief summary, please refer to the perl style - guide if you don't see your question covered here. It is much better - to submit a patch which fails these criteria than no patch at all, but - please try to meet these minimum standards when submitting code to - Bugzilla. +While it's true that not all of the code currently in Bugzilla adheres to +this (or any) styleguide, it is something that is being worked toward. +Therefore, we ask that all new code (submitted patches and new files) follow +this guide as closely as possible (if you're only changing 1 or 2 lines, you +don't have to reformat the entire file :). + +The Bugzilla development team has decided to adopt the perl style guide as +published by Larry Wall. This giude can be found in "Programming Perl" (the +camel book) or by typing man perlstyle at your favorite shell prompt. + +What appears below if a brief summary, please refer to the perl style guide +if you don't see your question covered here. It is much better to submit a +patch which fails these criteria than no patch at all, but please try to +meet these minimum standards when submitting code to Bugzilla. * Whitespace Bugzilla's preferred indentation is 4 spaces (no tabs, please). @@ -5998,7 +5892,7 @@ else Appendix E. GNU Free Documentation License - Version 1.1, March 2000 +Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy @@ -6008,152 +5902,143 @@ Appendix E. GNU Free Documentation License 0. PREAMBLE - The purpose of this License is to make a manual, textbook, or other - written document "free" in the sense of freedom: to assure everyone - the effective freedom to copy and redistribute it, with or without - modifying it, either commercially or noncommercially. Secondarily, - this License preserves for the author and publisher a way to get - credit for their work, while not being considered responsible for - modifications made by others. - - This License is a kind of "copyleft", which means that derivative - works of the document must themselves be free in the same sense. It - complements the GNU General Public License, which is a copyleft - license designed for free software. - - We have designed this License in order to use it for manuals for free - software, because free software needs free documentation: a free - program should come with manuals providing the same freedoms that the - software does. But this License is not limited to software manuals; it - can be used for any textual work, regardless of subject matter or - whether it is published as a printed book. We recommend this License - principally for works whose purpose is instruction or reference. +The purpose of this License is to make a manual, textbook, or other written +document "free" in the sense of freedom: to assure everyone the effective +freedom to copy and redistribute it, with or without modifying it, either +commercially or noncommercially. Secondarily, this License preserves for the +author and publisher a way to get credit for their work, while not being +considered responsible for modifications made by others. + +This License is a kind of "copyleft", which means that derivative works of +the document must themselves be free in the same sense. It complements the +GNU General Public License, which is a copyleft license designed for free +software. + +We have designed this License in order to use it for manuals for free +software, because free software needs free documentation: a free program +should come with manuals providing the same freedoms that the software does. +But this License is not limited to software manuals; it can be used for any +textual work, regardless of subject matter or whether it is published as a +printed book. We recommend this License principally for works whose purpose +is instruction or reference. _________________________________________________________________ 1. APPLICABILITY AND DEFINITIONS - This License applies to any manual or other work that contains a - notice placed by the copyright holder saying it can be distributed - under the terms of this License. The "Document", below, refers to any - such manual or work. Any member of the public is a licensee, and is - addressed as "you". - - A "Modified Version" of the Document means any work containing the - Document or a portion of it, either copied verbatim, or with - modifications and/or translated into another language. - - A "Secondary Section" is a named appendix or a front-matter section of - the Document that deals exclusively with the relationship of the - publishers or authors of the Document to the Document's overall - subject (or to related matters) and contains nothing that could fall - directly within that overall subject. (For example, if the Document is - in part a textbook of mathematics, a Secondary Section may not explain - any mathematics.) The relationship could be a matter of historical - connection with the subject or with related matters, or of legal, - commercial, philosophical, ethical or political position regarding - them. - - The "Invariant Sections" are certain Secondary Sections whose titles - are designated, as being those of Invariant Sections, in the notice - that says that the Document is released under this License. - - The "Cover Texts" are certain short passages of text that are listed, - as Front-Cover Texts or Back-Cover Texts, in the notice that says that - the Document is released under this License. - - A "Transparent" copy of the Document means a machine-readable copy, - represented in a format whose specification is available to the - general public, whose contents can be viewed and edited directly and - straightforwardly with generic text editors or (for images composed of - pixels) generic paint programs or (for drawings) some widely available - drawing editor, and that is suitable for input to text formatters or - for automatic translation to a variety of formats suitable for input - to text formatters. A copy made in an otherwise Transparent file - format whose markup has been designed to thwart or discourage - subsequent modification by readers is not Transparent. A copy that is - not "Transparent" is called "Opaque". - - Examples of suitable formats for Transparent copies include plain - ASCII without markup, Texinfo input format, LaTeX input format, SGML - or XML using a publicly available DTD, and standard-conforming simple - HTML designed for human modification. Opaque formats include - PostScript, PDF, proprietary formats that can be read and edited only - by proprietary word processors, SGML or XML for which the DTD and/or - processing tools are not generally available, and the - machine-generated HTML produced by some word processors for output - purposes only. - - The "Title Page" means, for a printed book, the title page itself, - plus such following pages as are needed to hold, legibly, the material - this License requires to appear in the title page. For works in - formats which do not have any title page as such, "Title Page" means - the text near the most prominent appearance of the work's title, - preceding the beginning of the body of the text. +This License applies to any manual or other work that contains a notice +placed by the copyright holder saying it can be distributed under the terms +of this License. The "Document", below, refers to any such manual or work. +Any member of the public is a licensee, and is addressed as "you". + +A "Modified Version" of the Document means any work containing the Document +or a portion of it, either copied verbatim, or with modifications and/or +translated into another language. + +A "Secondary Section" is a named appendix or a front-matter section of the +Document that deals exclusively with the relationship of the publishers or +authors of the Document to the Document's overall subject (or to related +matters) and contains nothing that could fall directly within that overall +subject. (For example, if the Document is in part a textbook of mathematics, +a Secondary Section may not explain any mathematics.) The relationship could +be a matter of historical connection with the subject or with related +matters, or of legal, commercial, philosophical, ethical or political +position regarding them. + +The "Invariant Sections" are certain Secondary Sections whose titles are +designated, as being those of Invariant Sections, in the notice that says +that the Document is released under this License. + +The "Cover Texts" are certain short passages of text that are listed, as +Front-Cover Texts or Back-Cover Texts, in the notice that says that the +Document is released under this License. + +A "Transparent" copy of the Document means a machine-readable copy, +represented in a format whose specification is available to the general +public, whose contents can be viewed and edited directly and +straightforwardly with generic text editors or (for images composed of +pixels) generic paint programs or (for drawings) some widely available +drawing editor, and that is suitable for input to text formatters or for +automatic translation to a variety of formats suitable for input to text +formatters. A copy made in an otherwise Transparent file format whose markup +has been designed to thwart or discourage subsequent modification by readers +is not Transparent. A copy that is not "Transparent" is called "Opaque". + +Examples of suitable formats for Transparent copies include plain ASCII +without markup, Texinfo input format, LaTeX input format, SGML or XML using +a publicly available DTD, and standard-conforming simple HTML designed for +human modification. Opaque formats include PostScript, PDF, proprietary +formats that can be read and edited only by proprietary word processors, +SGML or XML for which the DTD and/or processing tools are not generally +available, and the machine-generated HTML produced by some word processors +for output purposes only. + +The "Title Page" means, for a printed book, the title page itself, plus such +following pages as are needed to hold, legibly, the material this License +requires to appear in the title page. For works in formats which do not have +any title page as such, "Title Page" means the text near the most prominent +appearance of the work's title, preceding the beginning of the body of the +text. _________________________________________________________________ 2. VERBATIM COPYING - You may copy and distribute the Document in any medium, either - commercially or noncommercially, provided that this License, the - copyright notices, and the license notice saying this License applies - to the Document are reproduced in all copies, and that you add no - other conditions whatsoever to those of this License. You may not use - technical measures to obstruct or control the reading or further - copying of the copies you make or distribute. However, you may accept - compensation in exchange for copies. If you distribute a large enough - number of copies you must also follow the conditions in section 3. - - You may also lend copies, under the same conditions stated above, and - you may publicly display copies. +You may copy and distribute the Document in any medium, either commercially +or noncommercially, provided that this License, the copyright notices, and +the license notice saying this License applies to the Document are +reproduced in all copies, and that you add no other conditions whatsoever to +those of this License. You may not use technical measures to obstruct or +control the reading or further copying of the copies you make or distribute. +However, you may accept compensation in exchange for copies. If you +distribute a large enough number of copies you must also follow the +conditions in section 3. + +You may also lend copies, under the same conditions stated above, and you +may publicly display copies. _________________________________________________________________ 3. COPYING IN QUANTITY - If you publish printed copies of the Document numbering more than 100, - and the Document's license notice requires Cover Texts, you must - enclose the copies in covers that carry, clearly and legibly, all - these Cover Texts: Front-Cover Texts on the front cover, and - Back-Cover Texts on the back cover. Both covers must also clearly and - legibly identify you as the publisher of these copies. The front cover - must present the full title with all words of the title equally - prominent and visible. You may add other material on the covers in - addition. Copying with changes limited to the covers, as long as they - preserve the title of the Document and satisfy these conditions, can - be treated as verbatim copying in other respects. - - If the required texts for either cover are too voluminous to fit - legibly, you should put the first ones listed (as many as fit - reasonably) on the actual cover, and continue the rest onto adjacent - pages. - - If you publish or distribute Opaque copies of the Document numbering - more than 100, you must either include a machine-readable Transparent - copy along with each Opaque copy, or state in or with each Opaque copy - a publicly-accessible computer-network location containing a complete - Transparent copy of the Document, free of added material, which the - general network-using public has access to download anonymously at no - charge using public-standard network protocols. If you use the latter - option, you must take reasonably prudent steps, when you begin - distribution of Opaque copies in quantity, to ensure that this - Transparent copy will remain thus accessible at the stated location - until at least one year after the last time you distribute an Opaque - copy (directly or through your agents or retailers) of that edition to - the public. - - It is requested, but not required, that you contact the authors of the - Document well before redistributing any large number of copies, to - give them a chance to provide you with an updated version of the - Document. +If you publish printed copies of the Document numbering more than 100, and +the Document's license notice requires Cover Texts, you must enclose the +copies in covers that carry, clearly and legibly, all these Cover Texts: +Front-Cover Texts on the front cover, and Back-Cover Texts on the back +cover. Both covers must also clearly and legibly identify you as the +publisher of these copies. The front cover must present the full title with +all words of the title equally prominent and visible. You may add other +material on the covers in addition. Copying with changes limited to the +covers, as long as they preserve the title of the Document and satisfy these +conditions, can be treated as verbatim copying in other respects. + +If the required texts for either cover are too voluminous to fit legibly, +you should put the first ones listed (as many as fit reasonably) on the +actual cover, and continue the rest onto adjacent pages. + +If you publish or distribute Opaque copies of the Document numbering more +than 100, you must either include a machine-readable Transparent copy along +with each Opaque copy, or state in or with each Opaque copy a +publicly-accessible computer-network location containing a complete +Transparent copy of the Document, free of added material, which the general +network-using public has access to download anonymously at no charge using +public-standard network protocols. If you use the latter option, you must +take reasonably prudent steps, when you begin distribution of Opaque copies +in quantity, to ensure that this Transparent copy will remain thus +accessible at the stated location until at least one year after the last +time you distribute an Opaque copy (directly or through your agents or +retailers) of that edition to the public. + +It is requested, but not required, that you contact the authors of the +Document well before redistributing any large number of copies, to give them +a chance to provide you with an updated version of the Document. _________________________________________________________________ 4. MODIFICATIONS - You may copy and distribute a Modified Version of the Document under - the conditions of sections 2 and 3 above, provided that you release - the Modified Version under precisely this License, with the Modified - Version filling the role of the Document, thus licensing distribution - and modification of the Modified Version to whoever possesses a copy - of it. In addition, you must do these things in the Modified Version: +You may copy and distribute a Modified Version of the Document under the +conditions of sections 2 and 3 above, provided that you release the Modified +Version under precisely this License, with the Modified Version filling the +role of the Document, thus licensing distribution and modification of the +Modified Version to whoever possesses a copy of it. In addition, you must do +these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions @@ -6203,141 +6088,133 @@ Appendix E. GNU Free Documentation License N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. - If the Modified Version includes new front-matter sections or - appendices that qualify as Secondary Sections and contain no material + If the Modified Version includes new front-matter sections or + appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all - of these sections as invariant. To do this, add their titles to the - list of Invariant Sections in the Modified Version's license notice. + of these sections as invariant. To do this, add their titles to the + list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. - You may add a section entitled "Endorsements", provided it contains - nothing but endorsements of your Modified Version by various - parties--for example, statements of peer review or that the text has - been approved by an organization as the authoritative definition of a + You may add a section entitled "Endorsements", provided it contains + nothing but endorsements of your Modified Version by various + parties--for example, statements of peer review or that the text has + been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list - of Cover Texts in the Modified Version. Only one passage of - Front-Cover Text and one of Back-Cover Text may be added by (or - through arrangements made by) any one entity. If the Document already - includes a cover text for the same cover, previously added by you or - by arrangement made by the same entity you are acting on behalf of, - you may not add another; but you may replace the old one, on explicit + of Cover Texts in the Modified Version. Only one passage of + Front-Cover Text and one of Back-Cover Text may be added by (or + through arrangements made by) any one entity. If the Document already + includes a cover text for the same cover, previously added by you or + by arrangement made by the same entity you are acting on behalf of, + you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. - The author(s) and publisher(s) of the Document do not by this License - give permission to use their names for publicity for or to assert or + The author(s) and publisher(s) of the Document do not by this License + give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. _________________________________________________________________ 5. COMBINING DOCUMENTS - You may combine the Document with other documents released under this - License, under the terms defined in section 4 above for modified - versions, provided that you include in the combination all of the - Invariant Sections of all of the original documents, unmodified, and - list them all as Invariant Sections of your combined work in its - license notice. - - The combined work need only contain one copy of this License, and - multiple identical Invariant Sections may be replaced with a single - copy. If there are multiple Invariant Sections with the same name but - different contents, make the title of each such section unique by - adding at the end of it, in parentheses, the name of the original - author or publisher of that section if known, or else a unique number. - Make the same adjustment to the section titles in the list of - Invariant Sections in the license notice of the combined work. - - In the combination, you must combine any sections entitled "History" - in the various original documents, forming one section entitled - "History"; likewise combine any sections entitled "Acknowledgements", - and any sections entitled "Dedications". You must delete all sections - entitled "Endorsements." +You may combine the Document with other documents released under this +License, under the terms defined in section 4 above for modified versions, +provided that you include in the combination all of the Invariant Sections +of all of the original documents, unmodified, and list them all as Invariant +Sections of your combined work in its license notice. + +The combined work need only contain one copy of this License, and multiple +identical Invariant Sections may be replaced with a single copy. If there +are multiple Invariant Sections with the same name but different contents, +make the title of each such section unique by adding at the end of it, in +parentheses, the name of the original author or publisher of that section if +known, or else a unique number. Make the same adjustment to the section +titles in the list of Invariant Sections in the license notice of the +combined work. + +In the combination, you must combine any sections entitled "History" in the +various original documents, forming one section entitled "History"; likewise +combine any sections entitled "Acknowledgements", and any sections entitled +"Dedications". You must delete all sections entitled "Endorsements." _________________________________________________________________ 6. COLLECTIONS OF DOCUMENTS - You may make a collection consisting of the Document and other - documents released under this License, and replace the individual - copies of this License in the various documents with a single copy - that is included in the collection, provided that you follow the rules - of this License for verbatim copying of each of the documents in all - other respects. - - You may extract a single document from such a collection, and - distribute it individually under this License, provided you insert a - copy of this License into the extracted document, and follow this - License in all other respects regarding verbatim copying of that - document. +You may make a collection consisting of the Document and other documents +released under this License, and replace the individual copies of this +License in the various documents with a single copy that is included in the +collection, provided that you follow the rules of this License for verbatim +copying of each of the documents in all other respects. + +You may extract a single document from such a collection, and distribute it +individually under this License, provided you insert a copy of this License +into the extracted document, and follow this License in all other respects +regarding verbatim copying of that document. _________________________________________________________________ 7. AGGREGATION WITH INDEPENDENT WORKS - A compilation of the Document or its derivatives with other separate - and independent documents or works, in or on a volume of a storage or - distribution medium, does not as a whole count as a Modified Version - of the Document, provided no compilation copyright is claimed for the - compilation. Such a compilation is called an "aggregate", and this - License does not apply to the other self-contained works thus compiled - with the Document, on account of their being thus compiled, if they - are not themselves derivative works of the Document. - - If the Cover Text requirement of section 3 is applicable to these - copies of the Document, then if the Document is less than one quarter - of the entire aggregate, the Document's Cover Texts may be placed on - covers that surround only the Document within the aggregate. Otherwise - they must appear on covers around the whole aggregate. +A compilation of the Document or its derivatives with other separate and +independent documents or works, in or on a volume of a storage or +distribution medium, does not as a whole count as a Modified Version of the +Document, provided no compilation copyright is claimed for the compilation. +Such a compilation is called an "aggregate", and this License does not apply +to the other self-contained works thus compiled with the Document, on +account of their being thus compiled, if they are not themselves derivative +works of the Document. + +If the Cover Text requirement of section 3 is applicable to these copies of +the Document, then if the Document is less than one quarter of the entire +aggregate, the Document's Cover Texts may be placed on covers that surround +only the Document within the aggregate. Otherwise they must appear on covers +around the whole aggregate. _________________________________________________________________ 8. TRANSLATION - Translation is considered a kind of modification, so you may - distribute translations of the Document under the terms of section 4. - Replacing Invariant Sections with translations requires special - permission from their copyright holders, but you may include - translations of some or all Invariant Sections in addition to the - original versions of these Invariant Sections. You may include a - translation of this License provided that you also include the - original English version of this License. In case of a disagreement - between the translation and the original English version of this - License, the original English version will prevail. +Translation is considered a kind of modification, so you may distribute +translations of the Document under the terms of section 4. Replacing +Invariant Sections with translations requires special permission from their +copyright holders, but you may include translations of some or all Invariant +Sections in addition to the original versions of these Invariant Sections. +You may include a translation of this License provided that you also include +the original English version of this License. In case of a disagreement +between the translation and the original English version of this License, +the original English version will prevail. _________________________________________________________________ 9. TERMINATION - You may not copy, modify, sublicense, or distribute the Document - except as expressly provided for under this License. Any other attempt - to copy, modify, sublicense or distribute the Document is void, and - will automatically terminate your rights under this License. However, - parties who have received copies, or rights, from you under this - License will not have their licenses terminated so long as such - parties remain in full compliance. +You may not copy, modify, sublicense, or distribute the Document except as +expressly provided for under this License. Any other attempt to copy, +modify, sublicense or distribute the Document is void, and will +automatically terminate your rights under this License. However, parties who +have received copies, or rights, from you under this License will not have +their licenses terminated so long as such parties remain in full compliance. _________________________________________________________________ 10. FUTURE REVISIONS OF THIS LICENSE - The Free Software Foundation may publish new, revised versions of the - GNU Free Documentation License from time to time. Such new versions - will be similar in spirit to the present version, but may differ in - detail to address new problems or concerns. See - http://www.gnu.org/copyleft/. - - Each version of the License is given a distinguishing version number. - If the Document specifies that a particular numbered version of this - License "or any later version" applies to it, you have the option of - following the terms and conditions either of that specified version or - of any later version that has been published (not as a draft) by the - Free Software Foundation. If the Document does not specify a version - number of this License, you may choose any version ever published (not - as a draft) by the Free Software Foundation. +The Free Software Foundation may publish new, revised versions of the GNU +Free Documentation License from time to time. Such new versions will be +similar in spirit to the present version, but may differ in detail to +address new problems or concerns. See http://www.gnu.org/copyleft/. + +Each version of the License is given a distinguishing version number. If the +Document specifies that a particular numbered version of this License "or +any later version" applies to it, you have the option of following the terms +and conditions either of that specified version or of any later version that +has been published (not as a draft) by the Free Software Foundation. If the +Document does not specify a version number of this License, you may choose +any version ever published (not as a draft) by the Free Software Foundation. _________________________________________________________________ How to use this License for your documents - To use this License in a document you have written, include a copy of - the License in the document and put the following copyright and - license notices just after the title page: +To use this License in a document you have written, include a copy of the +License in the document and put the following copyright and license notices +just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU @@ -6348,14 +6225,14 @@ How to use this License for your documents license is included in the section entitled "GNU Free Documentation License". - If you have no Invariant Sections, write "with no Invariant Sections" + If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover - Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts + Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. - If your document contains nontrivial examples of program code, we - recommend releasing these examples in parallel under your choice of - free software license, such as the GNU General Public License, to + If your document contains nontrivial examples of program code, we + recommend releasing these examples in parallel under your choice of + free software license, such as the GNU General Public License, to permit their use in free software. Glossary |