Search Criteria
Package Details: mantisbt 2.25.5-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/mantisbt.git (read-only, click to copy) |
|---|---|
| Package Base: | mantisbt |
| Description: | Web-based issue tracking system |
| Upstream URL: | https://www.mantisbt.org/ |
| Keywords: | bugs php tracker |
| Licenses: | GPL2 |
| Submitter: | alucryd |
| Maintainer: | dvzrv |
| Last Packager: | dvzrv |
| Votes: | 3 |
| Popularity: | 0.000000 |
| First Submitted: | 2016-08-20 20:18 (UTC) |
| Last Updated: | 2022-08-14 21:03 (UTC) |
Dependencies (8)
- php (php7-symlinks, php7-meta, php56, php-zts)
- curl (curl-minimal-git, curl-git) (optional) – interface Twitter
- mariadb (mysql55, mysql56, mysql57, mytop-git, mysql, percona-server) (optional) – use local MySQL server
- php-fpm (php56-fpm, php-zts-fpm) (optional) – run in fastCGI process manager
- php-gd (php56-gd, php-zts-gd) (optional) – generate captcha
- php-pgsql (php56-pgsql, php-zts-pgsql) (optional) – use PostgreSQL database backend
- postgresql (pipelinedb, agensgraph-git, postgresql-1c, postgresql-9.5, postgresql-9.4, postgresql-src-beta, postgresql-9.6, postgresql-11, postgresql-10, postgresql-lts, postgresql-12, postgresql-src, postgresql13) (optional) – use local PostgreSQL database
- uwsgi-plugin-php (optional) – run as application container
Latest Comments
dvzrv commented on 2019-06-14 22:26 (UTC)
The upgrade to 2.21.1 requires mantisbt to be run as its own user/group: mantisbt.
I haven't gotten around updating the wiki page (in a long time), but will do that soonish and most likely also move mantisbt back to [community] after that.
If you need configuration inspiration, you can have a look at the wiki pages for cacti and postfixadmin, where I added a lot of info on how running php webapps as a separate user can/should be achieved.
Kunda commented on 2019-04-29 12:21 (UTC)
https://mantisbt.org/blog/archives/mantisbt/627
Please update to 2.21
dvzrv commented on 2019-01-24 18:32 (UTC)
@jamespharvey20: you're absolutely right. will change that asap. haven't been paying too much attention to this PKGBUILD (got busy with [community]).
jamespharvey20 commented on 2019-01-24 02:01 (UTC) (edited on 2019-01-24 02:09 (UTC) by jamespharvey20)
The configuration files are world readable, which is a security issue since they contain passwords for the database, potentially smtp, and the salt.
I think it would be a good idea if the PKGBUILD set ownership to all /etc/webapps/mantisbt/ files to http:http, permissions 600.
EDIT: I think this will also have the side effect of the initial installation being able to write config_inc.php rather than having it give a write error, which although easier, is a double edged sword because it would probably make a much shortened version potentially leaving out some of the helpful options and comments that are in upstream's config.inc.php.sample which is copied to config_inc.php by the PKGBUILD.
dvzrv commented on 2017-01-26 10:18 (UTC)
dvzrv commented on 2016-09-22 17:58 (UTC)