Re: Setting up drupal for GUADEC

[Germán Poó Caamaño <gpoo ubiobio cl>]

El mié, 14-12-2005 a las 23:39 -0500, Owen Taylor escribió:
> OK, spent an hour or so enabling the install of Drupal at the
> Guadec team's request.
> [...]
> - Created /etc/httpd/sites.d/guadec-drupal.conf pointed at
>   /usr/local/www/guadec-drupal 
> 
> - Created /var/log/httpd/guadec-drupal (ownership root:gnomeweb)
> 
> - Created /home/admin/secret/drupal as a PHP file with the
>   database password, ownership apache:apache 0440. Don't hard
>   code the DB password into any files inside the web root,
>   instead include this file.
> 
> I didn't try to get drupal actually up and running myself; but the
> above should as far as I can see be sufficient for doing so.
> 
> The question that hasn't been answered to my satisfaction yet
> is what the plans are for maintaining this site with version
> control and how it is going to be upgraded for new Drupal 
> versions. 
> 
> If you diff the guadecsite tarball against the upstream
> drupal-4.6.4.tar.gz, there are changes to sites/default/settings.php,
> which is expected, but also the "pushbutton" theme has been
> hacked up in place. (I didn't look at what, if anything has
> been done to the modules that are also in the guadecsite
> tarball.)

IMHO, safe_mode should be enabled to minimize any impact on any
drupal flaw.  And also, disable dynamic load of libraries
(enable_dl Off).

Using safe_mode, automatically some functions will be disabled,
such as shell_exec, system, popen, exec, passthru; even it's
only possible to browse directories where the owner it's the
script's owner.

It can be set inside of VirtualHost.  AFAIU, Drupal should
work ok using safe_mode, but for third people modules must
be checked.

It should be just setting php_admin_value inside of the 
VirtualHost.

-- 
Germán Poó Caamaño
http://www.ubiobio.cl/~gpoo/
Concepción - Chile