Search Criteria
Package Details: mantisbt 2.26.2-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/mantisbt.git (read-only, click to copy) |
|---|---|
| Package Base: | mantisbt |
| Description: | Web-based issue tracking system |
| Upstream URL: | https://www.mantisbt.org/ |
| Keywords: | bugs php tracker |
| Licenses: | GPL2 |
| Submitter: | alucryd |
| Maintainer: | speed488 |
| Last Packager: | speed488 |
| Votes: | 3 |
| Popularity: | 0.000000 |
| First Submitted: | 2016-08-20 20:18 (UTC) |
| Last Updated: | 2024-05-17 11:23 (UTC) |
Dependencies (8)
- php
- curl (curl-quiche-gitAUR, curl-http3-ngtcp2AUR, curl-gitAUR, curl-c-aresAUR) (optional) – interface Twitter
- mariadb (mysql55AUR, mysql56AUR, mytop-gitAUR, mysql81AUR, mysql57AUR, mysql80AUR, mysqlAUR, mariadb-lts, percona-server) (optional) – use local MySQL server
- php-fpm (optional) – run in fastCGI process manager
- php-gd (optional) – generate captcha
- php-pgsql (optional) – use PostgreSQL database backend
- postgresql (postgresql-12AUR, postgresql13AUR, postgresql-gitAUR, postgresql15-docsAUR, postgresql15AUR, postgresql17-docsAUR, postgresql17AUR) (optional) – use local PostgreSQL database
- uwsgi-plugin-php (optional) – run as application container
Latest Comments
dvzrv commented on 2019-06-14 22:26 (UTC)
The upgrade to 2.21.1 requires mantisbt to be run as its own user/group: mantisbt.
I haven't gotten around updating the wiki page (in a long time), but will do that soonish and most likely also move mantisbt back to [community] after that.
If you need configuration inspiration, you can have a look at the wiki pages for cacti and postfixadmin, where I added a lot of info on how running php webapps as a separate user can/should be achieved.
Kunda commented on 2019-04-29 12:21 (UTC)
https://mantisbt.org/blog/archives/mantisbt/627
Please update to 2.21
dvzrv commented on 2019-01-24 18:32 (UTC)
@jamespharvey20: you're absolutely right. will change that asap. haven't been paying too much attention to this PKGBUILD (got busy with [community]).
jamespharvey20 commented on 2019-01-24 02:01 (UTC) (edited on 2019-01-24 02:09 (UTC) by jamespharvey20)
The configuration files are world readable, which is a security issue since they contain passwords for the database, potentially smtp, and the salt.
I think it would be a good idea if the PKGBUILD set ownership to all /etc/webapps/mantisbt/ files to http:http, permissions 600.
EDIT: I think this will also have the side effect of the initial installation being able to write config_inc.php rather than having it give a write error, which although easier, is a double edged sword because it would probably make a much shortened version potentially leaving out some of the helpful options and comments that are in upstream's config.inc.php.sample which is copied to config_inc.php by the PKGBUILD.
dvzrv commented on 2017-01-26 10:18 (UTC)
dvzrv commented on 2016-09-22 17:58 (UTC)