The Unofficial Webtools FAQ v 0.2.1

The contents of this file are subject to the Mozilla Public License Version 1.1 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.mozilla.org/MPL/ .  Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License.

The Original Code is "The Unofficial Webtools FAQ".

The Initial Developer of the Original Code is AtHome Corporation. Portions created by AtHome are Copyright © 1995-2000 AtHome Corporation. All Rights Reserved. @Home, Excite@Home, @Work, and Excite are the trademarks of At Home Corporation, and may be registered in certain jurisdictions

Contributor(s):

Last change: April 10, 2000

Changes:
Version 0.2: Initial public release. (April 10, 2000)
Version 0.2.1: Fixed formatting, released as HTML.  Also corrected incorrect fix for missing bugs from queries (it's syncshadowdb, not processmail) and information about bugzilla maintainers (April 10,2000)
Version 0.2.2:

  1. Fixed mailto: links (they were showing up as "documents/"... weird)
  2. Added new sections:
    1. API notes (such as it is)
    2. common feature requests
    3. more FAQ's
    4. Fixed several tpyos
  3. Take into account recent submissions to the newsgroup
  4. Removed "Bugzilla Gotchas" section and integrated entries into "Bugzilla Bugs"


Maintainer: Matthew P. Barnson
 

Table of Contents

INTRODUCTION
BUGZILLA GENERAL
BUGZILLA INSTALLATION
BUGZILLA CONFIGURATION
--security
--email
--database
BUGZILLA and WINDOWS NT
BUGZILLA USE
BUGZILLA KNOWN BUGS
BUGZILLA HACKING
--API
TINDERBOX
BONSAI


INTRODUCTION

or "And all this time we thought we were *reducing* the number of bugs"


The Unofficial Webtools FAQ is designed to answer common user questions outside the scope of the webtools README files and supporting documentation in an easy "question and answer" format. Where appropriate, this FAQ will refer to URLs rather than including documents in their entirety to ensure completeness even should this FAQ become out of date. This is a living document; please be sure to update your copy from the latest version available in the netscape.public.mozilla.webtools newsgroup before mirroring. As yet, there is no permanent home for the document other than the newsgroup.

This FAQ is not maintained by Netscape or Netscape employees, so please do not contact them regarding errors or omissions contained herein. Please direct all questions, comments, updates, flames, etc. to Matthew P. Barnson (barnboy or barnhome on irc.mozilla.org in #mozwebtools).

I'm sure I've made some glaring errors or omissions in this paper -- please email me corrections or post corrections to the netscape.public.mozilla.webtools newsgroup.

Bugzilla attracts very intelligent, competent people who need a good bug-tracking system to support their projects, so I make a few assumptions in this FAQ:

  1. You are using UNIX, or you use NT and have a high tolerance for pain.
  2. You are a competent systems administrator with a working knowledge of UNIX shells, security, Apache or Netscape/iPlanet web server, Perl, and MySQL.
  3. You are not easily frustrated, and have a strong ability to figure out answers to problems.

BUGZILLA GENERAL

or "It's not a bug.  It's a feature."

Q: Where can I find information about bugzilla?
A: You can stay up-to-date with the latest bugzilla information at http://www.mozilla.org/projects/bugzilla/.

Q: What license is Bugzilla distributed under?
A: Bugzilla is under the Mozilla Public License. See details at http://www.mozilla.org/MPL/

Q: How do I get commercial support for Bugzilla?
A: As far as I know, there are not yet any companies that offer commercial Bugzilla support. However, I've heard there are consulting companies that will install and maintain a Bugzilla installation for charge, and would accept responsibility for it's upkeep. I'm not sure which large consulting firms do this yet -- I'm open to more contributions in this area.

Q: What major companies or projects are currently using Bugzilla for bug-tracking?
A: This is by no means a complete list, and is assembled from contributions and about 10 minutes of searching on AltaVista. Contributions welcome:

Q: Who maintains Bugzilla?
A: Tara Hernandez is the current maintainer of Bugzilla. It was originally written and maintained by Terry Weissman, but he is no longer heavily involved (Tara adds, "These days, Terry just hangs around and heckles").  The Quality Assurance contact for Bugzilla, who makes sure we don't get too far out of line is Matthew Tuck. You'll often hear from and about Dan Mosedale and Dawn Endico. Check out their bios and responsibilities at http://www.mozilla.org/about.html.  They bear primary responsibility for keeping the current bugzilla.mozilla.org site up-to-date, and have a vital interest in ensuring Bugzilla moves forward (and doesn't break!)

Q: Why does Bugzilla use .png files instead of .gifs for graphs?
A: Patent restrictions (see http://www.gnu.org/philosophy/gif.html for details). If you're using a recent version of the GD library and a recent version of Bugzilla, this is no longer a FAQ.

Q: How does Bugzilla stack up against other bug-tracking databases?
A: As far as I know, there have been no feature-by-feature comparisons to other bug-tracking systems.  Howeve, here are some primary reasons people cite for moving to Bugzilla:

  1. Customizability
  2. Maintainability (quick security fixes and trivial upgrades)
  3. Industry support (MySQL, Oracle, instead of custom little SQL DB)
  4. Adherence to web standards (CGI, Perl, SQL)
  5. Speed, proven on very large installations (bugzilla.mozilla.org)
  6. UNIX-based
  7. Open Source.
  8. Price.  However, don't let price be the selling point of Bugzilla -- it survives on it's own merits.
Q: How do I change my username in Bugzilla?
A: You can't, through the regular Bugzilla interfaces. You can do one of the following:
  1. Create a new user account
  2. Change the Real Name associated with your login
  3. Manually edit the database entry.
Q:  Why doesn't Bugzilla offer this or that feature or compatability with <insert cool tracking software here>?
A:  Terry writes,
I wrote Bugzilla primarily for mozilla.org's use. It is a secondary concern (but one still important to me) that it be of use to other folks, too. So, rather than spend a lot of time making everything thoroughly portable and easy to install, I just threw it over the wall, and prayed that random developers would help pitch in and make things easier for everyone.(I'm being a little hard on myself here. I *did* spend a week porting the whole thing from TCL to Perl, just so that outside folk would have a chance of using it. You shoulda seen it before...)
UPDATE: Bugzilla is making tremendous strides in usability, customizability, scalability, and user interfaces.  It is widely considered the most complete and popular open-source bug database in existence.  Download a copy today!

Q: Why MySQL? I'm interested in seeing this run on (insert "real" RDBMS name here)...
A: Terry answers,

You're not the only one. But *I* am not very interested. I'm not real SQL or database person. I just wanted to make a useful tool, and build it on top of free software. So, I picked MySQL, and learned SQL by staring at the MySQL manual and some code lying around here, and
wrote Bugzilla. I didn't know that Enum's were non-standard SQL. I'm not sure if I would have cared, but I didn't even know. So, to me, things are "portable" because it uses MySQL, and MySQL is portable enough. I fully understand (now) that people want to be portable to other databases, but that's never been a real concern of mine.
UPDATED ANSWER: Looks like RedHat might land changes real soon that will bring some more portability to Bugzilla.  However, they are in severe need of help.  Please contact dkl@redhat.com if you are interested in helping this effort.

Q: Why do the scripts say "/usr/bonsaitools/bin/perl" instead of "/usr/bin/perl" or something else?
A: Mozilla.org uses /usr/bonsaitools/bin/perl. The prime rule in making submissions is "don't break bugzilla.mozilla.org". If it breaks it, your patch will be reverted faster than you can do a diff.   Terry says:

Purely my own convention. I wanted a place to put a version of Perl and other tools that was strictly under my control for the various webtools, and not subject to anyone else. Edit it to point to whatever you like.


Q: What about Red Hat Bugzilla?
A: Red Hat has a (arguably more user-friendly/customizable/scalable buzzword here) version of Bugzilla available. Check it out at http://bugzilla.redhat.com and the sources at ftp://people.redhat.com/dkl/. They've set theirs up to work with Oracle out of the box. The buzz says their changes will be landing in the source tree "real soon now".  Note that it is based primarily upon the 2.8 Bugzilla tree; Bugzilla has made some tremendous advances since the 2.8 release.  I recommend you download the primary Bugzilla as well as Red Hat's to check out the differences for yourself.  Red Hat Bugzilla's maintainer, dkl@redhat.com, when asked about landing the changes from the Red Hat fork, notes,

Somebody needs to take the ball and run with it.  I'm the only maintainer and am very pressed for time.


Q:  What about Loki Bugzilla?
A:  Loki Games has a customized version of Bugzilla available at http://fenris.lokigames.com.  From that page,

You may have noticed that Fenris is a fork from Bugzilla-- our patches weren't suitable for integration --and a few people have expressed interest in the code. Fenris has one major improvement over Bugzilla, and that is individual comments are not appended onto a string blob, they are stored as a record in a separate table. This allows you to, for instance, separate comments out according to privilege levels in case your bug database could contain sensitive information not for public eyes. We also provide things like email hiding to protect user's privacy, additional fields such as 'user_affected' in case someone enters someone else's bug, comment editing and deletion, and more conditional system variables than Bugzilla does (turn off attachments, qacontact, etc.).
Like Red Hat Bugzilla, I recommend if you are interested in their changes that you download the source and compare.
 

BUGZILLA INSTALLATION

or "Divide by cucumber error.  Please re-install universe and reboot."


Q: How do I download and install Bugzilla?
A: The README included with Bugzilla documents the installation procedures much more thoroughly than I can do here. You can always find a current copy of the README in the distribution tarballs available at http://www.mozilla.org/projects/bugzilla/ .  This will eventually be documented in "The Bugzilla Installation Guide".

QHow do I install Bugzilla on Windows NT?
A:  That question is complex enough it deserves it's own section, below.

Q:  Is there an easy way to change the Bugzilla cookie name?
A:  At present, no.


BUGZILLA CONFIGURATION

or "make config. not war"


 

SECURITY

QHow do I completely disable MySQL security if it's giving me problems (I've followed the instructions in the README!)?
A:  Run mysql like this: "mysqld --skip-grant-tables".  Please remember this makes mysql as secure as taping a $100 to the floor of a football stadium bathroom for safekeeping.  Before you plan to put Bugzilla up for general consumption, you REALLY need to become familiar with MySQL security.

Q: Are there any security problems with Bugzilla?
A: Prior to 2.10, yes. For 2.10 and later, probably, but we haven't discovered them yet.. You should upgrade to 2.10 and use the following instructions from Chris Yeh's security advisory of 5/10/2000 if you are running a previous version of bugzilla. Chances are good a lot of these permissions issues will make it into checksetup.pl.
It is recommended that you closely examine permissions on your Bugzilla installation. Make sure you are not running mysqld as root. Included is one person's examination of their local Bugzilla installation, and how they secured it:

  I closed-up some of the all-writeable files and directories. The code itself had to be modified to keep it from making directories and files world-writeable again... Once this was done, I felt confident that this install of bugzilla was running securely. (We don't run ftp, and mysql doesn't run as root). The setup we have is that apache runs as user 'nobody'. Directories being written into via CGI are therefore owner.group==nobody.nobody and only read/writable by user nobody, not world-writeable as before ... The *.cgi/*.pl/etc scripts (source) are owned by root.root and we can prevent CGI execution and HTTPD reading of the scripts by doing chmod go-rwx.... Finally, we prevent reading of the writeable directories by HTTP. (The security of this could further be improved by running bugzilla as user 'bugzilla' with same privs as 'nobody' but at least a different user than the webserver). I did the following to secure our install:
(1) cd /home/httpd/bugzilla ensure all files owned root.root (other than ones in 'shadow' and 'data').
(2) chmod go-rwx backdoor.cgi ; chmod go-rwx *.sh ; chmod go-rwx printenv.cgi ; chmod go-rwx 0CGI.pl ; chmod go-rwx *~* ; chown -R nobody.nobody data ; chmod -R go-rwx data ; chown -R nobody.nobody shadow ; chmod -R go-rwx shadow
(3) in emacs, in *.pl and *.cgi and processmail in bugzilla dir
(etags *.cgi *.pl processmail) ... do: (tags-query-replace "umask 0" "umask 077" nil)
(tags-query-replace "umask(0)" "umask(077)" nil)
(tags-query-replace "0777" "0700" nil)
(tags-query-replace "0666" "0600" nil)
(4) re-enable bugzilla with /home/httpd/bug-track.conf set to:
--------------------
AddHandler cgi-script .cgi
#
# setup ExecCGI'able directory alias from which we run
# "bugzilla" under URL "bugs"
#
Alias /bugs/ "/home/httpd/bugzilla/"
<Directory "/home/httpd/bugzilla">
Options Indexes ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>
--------------------
(5) add to /home/httpd/bug-track.conf (prevent cgi from being
written into data or shadow directories, and prevent contents from
being read):

--------------------

<Directory "/home/httpd/bugzilla/data">
Options None
AllowOverride None
Deny from all
</Directory>

<Directory "/home/httpd/bugzilla/shadow">
Options None
AllowOverride None
Deny from all
</Directory>

--------------------

(6) I noticed that my non-superuser-$PATH had wound up in apache's GGI
environment... that $PATH included "." so that could have been a security-exploit-in-waiting right there... so remember, when restarting apache on servers, do (in tcsh anyways):
unsetenv *
prior to doing
apachectl stop
<wait>
apachectl start

Q: I've implemented the security fixes mentioned in Chris Yeh's security advisory of 5/10/2000 advising not to run MySQL as root, and am running into problems with MySQL no longer working correctly.
A: Mozilla.org had a problem getting enough file descriptors once they stopped running mysql as root; they have many tables in their database and had "shadowdb" turned on, which doubles the number of tables. Terry mentioned in IRC: "I added the line "ulimit -n unlimited" to the /bin/sh script in /etc/init.d that starts mysqld." That should fix ulimit problems with MySQL.
 

EMAIL


Q: I have a user who doesn't want to receive any more email from Bugzilla. How do I stop it entirely for this user?
A: Easy. Add his/her login name to "bugzilla_home/data/nomail". One entry per line. It must match the login name exactly.
UPDATE:  I'm not sure this works as advertised...  Anyone know of any bugs with this solution?

Q: I'm evaluating/testing Bugzilla, and don't want it to send email to anyone but me. How do I do it?
A: According to Terry, the *correct* way to do this is, in editparams.cgi: "Go tweak the param for the mail text, replacing "To:" with "X-Real-To:", and replacing "Cc:" with "X-Real-CC", and add a "To: (myemailaddress)". This param file can also be manually edited bugzilla_home/data/params (but is not recommended).

Q: I want whineatnews.pl to whine at something more, or other than, only new bugs. How do I do it?
A: Try Klaas Freitag's excellent patch for "whineatassigned" functionality. You can find it at http://bugzilla.mozilla.org/show_bug.cgi?id=6679. Realize that as Bugzilla progresses, this patch may go out of date. At present, I know of no plans to integrate this functionality into the core Bugzilla distribution.

Q: I don't like/want to use Procmail to handle email to bugzilla. What else can I use?
A:  Bugzilla can work with alternate MTA's/filters, but there is no documentation how.

Q: How do I set up the email interface to submit/change bugs via email?
A: Download the tarball or CVS and extract it (if applicable). CD to the (bugzilla_home)/contrib directory, and read the README contained therein. Seth will be pulling his changes (the bugzilla email submission stuff) into the main tree sometime as soon as he gets the OK from the powers-that-be. Procmail is included by default on most Linux distributions, and if you use the bugzilla.procmailrc file as the .procmailrc for the user bugzilla runs as, it works pretty quickly.
My setup is a little different from the standard way of doing things. Here's what I do:

  1. cd (bugzilla_home, wherever that is)
  2. chmod 775 contrib
  3. chmod 644 contrib/*
  4. chmod 755 contrib/*.pl
  5. chmod 777 data
  6. chmod -R 775 data/mimedump-tmp
  7. chmod -R 775 data/mining
  8. vi /etc/aliases: add  'bugs: | "/usr/bin/procmail -m /etc/procmailrcs/bugs"'
  9. cp /usr/local/bugzilla/contrib/bugzilla.procmailrc /etc/procmailrcs/bugs
  10. chmod 775 /etc/procmailrcs/bugs
  11. And, in my case, since we use Linux-Mandrake most everywhere (which includes some extra security options), I also had to "ln -s /usr/bin/procmail /etc/smrsh/procmail.  smrsh is a way to prevent people from running any applications over Sendmail unless you specify it in this directory.  YMMV.
If you've followed the README, you should be good to go; send an email to "bugs@my.host.name" and watch it work.

Q: Email takes FOREVER to reach me from bugzilla -- it's extremely slow. What gives?
A: If you are using an alternate Mail Transport Agent (MTA other than sendmail), make sure the options given in the "processmail" script for all instances of "sendmail" are correct for your MTA. If you are using Sendmail, you may wish to delete the "-ODeliveryMode=deferred" option in the "processmail" script for every invocation of "sendmail". (Be sure and leave the "-t" option, though!)  This option is put into the code to handle the massive mail delivery load bugzilla.mozilla.org gets -- but most of us don't need it.  We're lobbying to make it a settable parameter.  Realize if you turn this off, and plan on sending more than a few hundred email messages a day, people may experience nasty slowdowns when submitting changes to bugs because Sendmail insists on delivering it *that instant*.

Q: Email never reaches me from bugzilla changes! What gives?
A: Chances are really good Bugzilla expects "sendmail" to live somewhere else than you have it installed. Make sure your "sendmail" lives in, or has a symlink to, "/usr/lib/sendmail".
 

DATABASE

Q: I've heard Bugzilla can be used with Oracle?
A: Red Hat Bugzilla works with Oracle.  The current mozilla.org version takes some work, though.

Q: Bugs are missing from queries, but exist in the database (and I can pull them up by specifying the bug ID). What's wrong?
A: You've almost certainly enabled the "shadow database", but for some reason it hasn't been updated for all your bugs. This is the database against which queries are run, so that really complex or slow queries won't lock up portions of the database for other users. You can turn off the shadow database in editparams.cgi. If you wish to continue using the shadow database, then as your "bugs" user run "./syncshadowdb -syncall" from the command line in the bugzilla installation directory to recreate your shadow database. After it finishes, be sure to check the params and make sure that "queryagainstshadowdb" is still turned on. The syncshadowdb program turns it off if it was on, and is supposed to turn it back on when completed; that way, if it crashes in the middle of recreating the database, it will stay off forever until someone turns it back on by hand. Apparently, it doesn't always do that yet.

Q: I think my database might be corrupted, or contain invalid entries. What do I do?
A: Run the "sanity check" utility (./sanitycheck.cgi in the bugzilla_home directory) to see! If it all comes back, you're OK.  If it doesn't come back OK (i.e. any red letters), there are certain things Bugzilla can recover from and certain things it can't.  If it can't auto-recover, I hope you're familiar with mysqladmin commands or have installed another way to manage your database...

Q: I want to manually edit some entries in my database. How?
A: There is no facility in Bugzilla itself to do this. It's also generally not a smart thing to do if you don't know exactly what you're doing. However, if you understand SQL you can use the mysqladmin utility to manually insert, delete, and modify table information. Personally, I hate dealing with big SELECT statements and such, so I use "phpMyAdmin", to do all my database administration. You have to compile a PHP module with MySQL support to make it work, but it's very clean and easy to use.  There are other utilities that work, as well, but I am lacking URL's.

Q: MySQL GPL edition doesn't seem to work...
A: Right! It doesn't! It's too old. Download the latest tarball or rpm from www.mysql.com if you want this to work.

Q: I think I've set up MySQL permissions correctly, but bugzilla still can't connect.
A: Try running MySQL from it's binary: "mysqld --skip-grant-tables". This will allow you to completely rule out grant tables as the cause of your frustration. However, I do not recommend you run it this way on a regular basis, unless you really want your web site defaced and your machine cracked...

Q: How do I synchronize bug information among multiple different Bugzilla databases?
A: Currently, there is no way to do this. However, a discussion about this has raged on and off in the newsgroup -- feel free to whip something up, put it out there, and see how it's received. We're at the point where most folks are sick of discussion. If you can create a working model with working code, that's 90% of the battle.

Q:  I get bizarre errors when trying to submit data, particularly problems with "groupset".  What gives?
A:  If you're sure your MySQL parameters are correct, you might want turn "strictvaluechecks" OFF in editparams.cgi.  If you have "usebugsentry" set "On", you also cannot submit a bug as readable by more than one group with "strictvaluechecks" ON.


BUGZILLA AND WINDOWS NT

or "Welcome to Microsoft, where we put the 'NT' in "CAN'T"!

Right now, running Bugzilla under Windows NT is an extremely hairy process. I'll provide the instructions below, but please don't ask me how it's done -- getting this working on NT involves a lot of patience, skill, and PFM (Pure Fscking Magic). As far as I know, nobody has been able to get a recent (2.8 or post) version of Bugzilla running on NT. If you know different, or can provide updated instructions to those provided below, please email Matthew Barnson with details.
These are hints straight out of the newsgroup discussions.  I can't offer much more editing or insight, since I don't manage Bugzilla on any NT boxes.

Q: What is the easiest way to run Bugzilla on NT?
A: Remove NT. Install Linux. Slap a label on the box that says "Windows NT." The boss will never know the difference, except perhaps wonder why the machine isn't crashing anymore.

Q: CGI's are failing with a "something.cgi is not a valid Windows NT application" error. Why?
A: Depending on what Web server you are using, you will have to configure the Web server to treat *.cgi files as CGI scripts. In IIS, you do this by adding *.cgi to the App Mappings with the <path>\perl.exe %s %s as the executable.
...or this tip from Microsoft's web site...
"Set application mappings. In the ISM, map the extension for the script file(s) to the executable for the script interpreter. For example, you might map the extension .py to Python.exe, the executable for the Python script interpreter. Note For the ActiveState Perl script interpreter, the extension .pl is associated with PerlIS.dll by default. If you want to change the association of .pl to perl.exe, you need to change the application mapping. In the mapping, you must add two percent (%) characters to the end of the pathname for perl.exe, as shown in this example: c:\perl\bin\perl.exe %s %s"

Q: Can I have some general instructions on how to make this work?
A: Sure. Your Mileage May Vary. Contact Andrew Lahser  for the patches mentioned. He may decide to kill me for saying that, though...

  1. #!C:/perl/bin/perl had to be added to every perl file.
  2. Converted to Net::SMTP to handle mail messages instead of /usr/bin/sendmail.
  3. The crypt function isn't available on Windows NT (at least none that I am aware), so I made encrypted passwords = plaintext passwords.
  4. The system call to diff had to be changed to the Cygwin diff.
  5. This was just to get a demo running under NT, it seems to be working good, and I have inserted almost 100 bugs from another bug tracking system. Since this work was done just to get an in-house demo, I am NOT planning on making a patch for submission to Bugzilla. If you would like a zip file, let me know.
Q: Hmm, couldn't figure it out from the general instructions above.  How about step-by-step?
A: Sure! Here ya go!
  1. Install IIS 4.0 from the NT Option Pack #4.
  2. Download and install Active Perl.
  3. Install the Windows GNU tools from Cygwin. Make sure to add the bin directory to your system path. (Everyone should have these, whether they decide to use Bugzilla or not. :-) )
  4. Download relevant packages from ActiveState at http://www.activestate.com/packages/zips/. + DBD-Mysql.zip
  5. Extract each zip file with WinZip, and install each ppd file using the notation: ppm install <module>.ppd
  6. Install Mysql.  *Note: If you move the default install from c:\mysql, you must add the appropriate startup parameters to the NT service. (ex. -b e:\\programs\\mysql)
  7. Download any Mysql client. http://www.mysql.com/download_win.html
  8. Setup MySql. (These are the commands that I used.)
    1.  
      I. Cleanup default database settings.
       C:\mysql\bin\mysql -u root mysql
       mysql> DELETE FROM user WHERE Host='localhost' AND User='';
       mysql> quit
      C:\mysql\bin\mysqladmin reload

      II. Set password for root.
       C:\mysql\bin\mysql -u root mysql
       mysql> UPDATE user SET Password=PASSWORD('new_password')
       WHERE user='root';
       mysql> FLUSH PRIVILEGES;
       mysql> quit
       C:\mysql\bin\mysqladmin -u root reload

      III. Create bugs user.
       C:\mysql\bin\mysql -u root -p
       mysql> insert into user (host,user,password) values('localhost','bugs','');
       mysql> quit
       C:\mysql\bin\mysqladmin -u root reload

      IV. Create the bugs database.
       C:\mysql\bin\mysql -u root -p
       mysql> create database bugs;

      V. Give the bugs user access to the bugs database.
       mysql> insert into db (host,db,user,select_priv,insert_priv,update_priv,delete_priv,create_priv,drop_priv) values('localhost','bugs','bugs','Y','Y','Y','Y','Y','N')
       mysql> quit
       C:\mysql\bin\mysqladmin -u root reload

  9. Run the table scripts to setup the bugs database.
  10. Change CGI.pm to use the following regular expression because of differing backslashes in NT versus UNIX.
  11. Had to make the crypt password = plain text password in the database. (Thanks to Andrew Lahser" <andrew_lahser@merck.com>" on this one.) The files that I changed were:
  12. Replaced sendmail with Windmail. Basically, you have to come up with a sendmail substitute for NT. Someone said that they used a Perl module (Net::SMTP), but I was trying to save time and do as little Perl coding as possible.
  13. Added "perl" to the beginning of all Perl system calls that use a perl script as an argument and renamed processmail to processmail.pl.
  14. In processmail.pl, I added binmode(HANDLE) before all read() calls. I'm not sure about this one, but the read() under NT wasn't counting the EOLs without the binary read."
Q: I'm having trouble with the perl modules for NT not being able to talk to to the database...
A: Your modules may be outdated or inaccurate...
  1. Try hitting http://www.activestate.com/ActivePerl
  2. Download ActivePerl from there.

  3. After that:
  4. go to your prompt
  5. type 'ppm'
  6. PPM> install DBI DBD-mysql GD
I reckon TimeDate and Data::Dumper come with the activeperl. You can check the ActiveState site for packages for installation through PPM. [http://www.activestate.com/Packages/]


BUGZILLA USE

or "Keyboard: Device used for entering errors into computer"

Q: How do I use "new email tech"?
A: First, go to editparams.cgi and make sure the "newemailtech" option is set to "on", then set the "new email tech" option in your personal user prefs "on".

Q: How do I make "new email tech" the default for my entire site?
A: You need to alter the user preferences table using one of the tools mentioned in the DATABASE section. Change the default value for "newemailtech" to "1", and change any user values you think apply.

Q: I'm confused by the behavior of the "accept" button in the Show Bug form. Why doesn't it assign the bug to me when I accept it?
A: Right now, how this should behave is the subject of considerable discussion on the mailing list and in the bug database. There is a patch for this, and a lot of talk. Tara has this to say:

"I think I put this in the main bug itself, but I have to admit I *really* don't like the whole "accept" thing at this point. I especially am completely against anything that changes the current functionality, and am only moderately placated by the idea of seperate additional functionality. IMHO Bugzilla is getting so kludgy that all we're doing is making things harder and harder to understand and maintain, not to mention adding additional fields to an already almost overwhelming query form. For now I'm going to have to make people who want this suffer through sharing patches until I come up with a course of action on it."


Q:  How do I enable voting?
A:  Make sure you're using at least version 2.10.  It's available via editparams.cgi.

Q:  I can't upload anything into the database via the "Create Attachment" link.  What am I doing wrong?
A:  The most likely cause is a very old browser or a browser that is incompatible with file upload via POST.  Download the latest Netscape or Microsoft browser to handle uploads correctly.
 


BUGZILLA KNOWN BUGS

or "These are all 'known bugs'. Whats the frickin' problem?"

QWhat bugs currently exist in bugzilla?
A:  The answer is too long (and easily outdated) to keep in this FAQ.  However, bugzilla is made for this, so just try this link.

QGroups don't quite work right yet...
A:  Correct.  That's a current area of hacking.  You may want to check out Loki's version of Bugzilla for some patches that support the group functionality you need.

Q:  Why can't I set "target milestone" to something other than a number?
A:  The concept of a target milestone was initially that each group would have their own definition for what each target milestone number is, but share a common pool of numbers.  Unfortunately, this concept has proven confusing for new and experienced users alike.  Someone needs to pick up the ball and run with "target milestone" so it has the following features:

Q:  Why shouldn't I delete bugs?
A:  If you allow bug deletion, you run the risk of screwing up dependencies in your database.  While these aren't always critical, it's sometimes tought to repair.  I recommend you do not allow bug deletion.
 
 


BUGZILLA HACKING

or "Who's this General Failure guy, and why is he trying to read my hard drive?"

Q: What's the best way to submit patches?  What guidelines should I follow.
A:  Tara summed this FAQ up nicely:

"Well, I guess I'd better answer this, as I'm the one who's supposed to be in charge of this stuff...
I say, if you have a patch that is a bug fix or feature enhancement, log a bug and attach the patch.  I've inherited almost 300 bugs from the ownership transition, so I can't guarantee how soon I'll get to it, but I'm steadily working my way through the bug list and trying to pay special attention to all bugs that do come with patches. Secondly, if you'd like faster feedback or better exposure, I'd post the bug number URL to the newsgroup so more people can have a look and provide feedback, suggestions, etc.  That way I think all bases are covered. Speaking for myself in trying to be a good module owner, getting a new bug makes sure I
don't lose track of your patch, so this makes it easier for me."
Q:  What does the above mean for me when I want to submit a bug?
A:  Follow this procedure:
  1. Enter a bug into bugzilla.mozilla.org for the "Webtools" product, "Bugzilla" component.
  2. Upload your patch as a unified DIFF (or new source file) by clicking "Create a new attachment" link on the bug page you've just created, and include any descriptions of database changes you may make, into the bug ID you submitted in step #1.
  3. Announce your patch and the associated URL (http://bugzilla.mozilla.org/show_bug.cgi?id=XXXX) for discussion in the newsgroup (netscape.public/mozilla.webtools).  You'll get a really good, fairly immediate reaction to the implications of your patch, which will also give Tara an idea how well-received the change would be.
  4. If it passes muster with minimal modification, Tara will put it into CVS.  If you submit enough really good patches (I have no idea how much "enough" is), you may be granted CVS write access.
  5. Bask in the glory of the fact that YOU helped write the most successful open-source bug-tracking software on the planet :)

API

QI want to add a new form or module to Bugzilla.  Where can I find API documention?
A:  Right now, there really is none.  I plan on writing copious documentation for what each file and module does, as well how to program new .cgi's to use the functionality and present alternate interfaces.

CGI scripts:

PM/pl modules: HTML:


Q: What are the most-needed features?
A:  Check out the Bugzilla Development Roadmap at http://www.mozilla.org/projects/bugzilla/roadmap.html


TINDERBOX

or "Friendly Fire... isn't"


I don't use it yet -- anybody have good FAQ's for this area?


BONSAI

or "I like to climb trees and eat peanut butter with a spatula while singing operas."


Same as Tinderbox. But these are still part of webtools, so they need to be here for completeness.


MAINTAINER & THIS DOCUMENT


Q:  Why do you use this antiquated format for maintaining the FAQ, instead of FAQ-O-Matic or (insert cool FAQ program here)
A:  I'm actively seeking a better way to maintain this.  It's easily maintainable in it's current form, but as it grows it will become much less so.  I'm interested in more options, but don't want to lose control of the FAQ or be subjected to a page that's a nest of hyperlinks and unprintable.  The FAQ-O-Matic tends to create FAQ's that cannot be easily printed as one page, and not easily portable to another format (particulary PDF).  One must be able to maintain the FAQ as a single, printable document; if you know of a good system that will fit the bill, let me know.

Q: Who are you?
A:  I'm Matthew P. Barnson, manager of Systems Administration for Excite@Home E-Business Services and part-time Bugzilla hacker :)

Q: Why are you doing this?
A:  I have nothing better to do with my time!
  Seriously, I run a fairly large private Bugzilla database.  I felt the need for some documentation to help other SysAdmins run this thing.  There was nothing out there like it, so I decided to improve what I'd written for internal documentation with more general questions and release it to the public under the MPL.  I feel like the Mozilla Webtools are far more in need of good documentation and a major architectural rewrite than they are more hacks to support more features.  Since I'm not qualified to write more than trivial hacks for Bugzilla if I were to code, I figured doing some documentation would be A Good Thing.

QHow are you affiliated with Mozilla.org?
A:  I'm not.

QWhere do those lame quotes in each section heading come from?
A:  Check out http://bugzilla.mozilla.org/data/comments.  These are random quips added by people who use bugzilla.  I find them endlessly entertaining.
  I am personally attempting to address the numerous documentation needs, including an Installation guide (based upon the README), Administration Guide, Troubleshooting guide, Database Management Guide, and Configuration Guide.
 


THE END