  1. XWiki Platform
  2. XWIKI-16235

Missing Config Adjustments in Debian Packages

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.11.3
    • Fix Version/s: None
    • Component/s: Distribution - Debian
    • Labels:
      None
    • Difficulty:
      Unknown

      Description

      As requested by Vincent Massol I'm creating a new issue for some Debian package config issues.

      Besides the cache settings tracked in XWIKI-15756 (or a related follow-up issue, see https://jira.xwiki.org/browse/XWIKI-15756?focusedCommentId=102129&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-102129 ) there are some other recommended configuration settings which are not correctly specified by the Debian packages (see https://forum.xwiki.org/t/ldap-stopped-working-11-1/4583/14 for reference):

      1. Instead of /dev/random, /dev/urandom should be used to generate session IDs and similar, as it's done by the Docker container: https://github.com/xwiki-contrib/docker-xwiki/blob/master/template/tomcat/setenv.sh#L35 (I guess this would not have any security impact as generated IDs will still be "good enough" and "securerandom" isn't used to perform actual encryption by XWiki, I assume?)
      2. Apparently there are some slash-related config settings which should also be enabled for the Debian packages, see the same link as above. (Will this solve the problem that pages with a slash in their name only emit errors / are inaccessible in Tomcat?)
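
Added example, not part of the original issue and not XWiki project code: a shell audit that reports whether a Tomcat environment file (a `setenv.sh` or a Debian defaults file, passed as an argument) actively sets the options discussed above. The issue does not name the slash-related settings; the two Tomcat system properties checked here are an assumption about which ones are meant, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Usage after sourcing this file: audit_tomcat_env /path/to/env-file
# The return status is the number of options that are not actively set.

# Print FILE without comment lines and blank lines, so that an option which
# is only present in a commented-out line is not counted as set.
active_lines() {
    sed -e 's/^[[:space:]]*#.*$//' -e '/^[[:space:]]*$/d' "$1"
}

# check FILE LABEL REGEX: report whether an active line matches REGEX.
check() {
    if active_lines "$1" | grep -Eq -e "$3"; then
        echo "set      $2"
    else
        echo "not set  $2"
        return 1
    fi
}

audit_tomcat_env() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 255; }
    missing=0

    # Entropy source for SecureRandom; accept both spellings of the device path.
    check "$1" "java.security.egd -> urandom" \
        '-Djava\.security\.egd=file:/dev/(\./)?urandom' \
        || missing=$((missing + 1))

    # Assumed slash-related settings (not named in the issue text).
    check "$1" "UDecoder.ALLOW_ENCODED_SLASH=true" \
        '-Dorg\.apache\.tomcat\.util\.buf\.UDecoder\.ALLOW_ENCODED_SLASH=true' \
        || missing=$((missing + 1))
    check "$1" "CoyoteAdapter.ALLOW_BACKSLASH=true" \
        '-Dorg\.apache\.catalina\.connector\.CoyoteAdapter\.ALLOW_BACKSLASH=true' \
        || missing=$((missing + 1))

    return "$missing"
}
```
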


              People

              • Assignee: Unassigned
              • Reporter: Gunter Ohrner (GOhrner)
              • Votes: 0
              • Watchers: 5
