WIP

git-svn-id: svn://10.0.0.236/trunk@265709 18797224-902f-48f8-a5cc-f745e15eee43
2014-12-03 22:15:43 +00:00 · 2014-12-03 22:15:43 +00:00 · a8908d5eb9
commit a8908d5eb9
parent 6f6b960826
21 changed files with 59 additions and 203 deletions
--- a/mozilla/webtools/bugzilla/.bzrrev
+++ b/mozilla/webtools/bugzilla/.bzrrev
@ -1 +1 @@
-9237
+9238
--- a/mozilla/webtools/bugzilla/.gitrev
+++ b/mozilla/webtools/bugzilla/.gitrev
@ -1 +1 @@
-183bf9ac1928e570a922057954aa38e1d40dadb7
+1d769a4744586b2a0125338aceece84733a6e5e3
--- a/mozilla/webtools/bugzilla/docs/en/rst/administering/categorization.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/administering/categorization.rst
@ -8,6 +8,8 @@ Bugs in Bugzilla are classified into one of a set of admin-defined Components.
 Components are themselves each part of a single Product. Optionally, Products
 can be part of a single Classification, adding a third level to the hierarchy.
 .. _classifications:
 Classifications
 ###############
@ -69,7 +71,7 @@ Version
 Create chart datasets for this product
    Select to make chart datasets available for this product.
-It is compulsory to create at least one :ref:`component` in a product, and
+It is compulsory to create at least one :ref:`component <components>` in a product, and
 so you will be asked for the details of that too.
 When editing a product you can change all of the above, and there is also a
--- a/mozilla/webtools/bugzilla/docs/en/rst/administering/custom-fields.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/administering/custom-fields.rst
@ -85,7 +85,7 @@ The following attributes must be set for each new custom field:
 - *Can be set on bug creation:*
  Boolean that determines whether this field can be set on
  bug creation. If not selected, then a bug must be created
-  before this field can be set. See :ref:`bugreports`
+  before this field can be set. See :ref:`filing`
  for information about filing bugs.
 - *Displayed in bugmail for new bugs:*
--- a/mozilla/webtools/bugzilla/docs/en/rst/administering/groups.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/administering/groups.rst
@ -166,8 +166,8 @@ A User can become a member of a group in several ways:
   address in the search results to edit their profile. The profile
   page lists all the groups, and indicates if the user is a member of
   the group either directly or indirectly. More information on indirect
-   group membership is below. For more details on User administration,
+   group membership is below. For more details on User Administration,
-   see :ref:`useradmin`.
+   see :ref:`users`.
 #. The group can include another group of which the user is
   a member. This is indicated by square brackets around the checkbox
--- a/mozilla/webtools/bugzilla/docs/en/rst/administering/keywords.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/administering/keywords.rst
@ -11,7 +11,7 @@ bugs much easier.
 Keywords are global, rather than per-product. If the administrator changes
 a keyword currently applied to any bugs, the keyword cache must be rebuilt
-using the :ref:`sanitycheck` script. XXXDoes this mean changing the name of the keyword? Is it still true?
+using the :ref:`sanity-check` script. XXXDoes this mean changing the name of the keyword? Is it still true?
 Currently keywords cannot
 be marked obsolete to prevent future usage.
--- a/mozilla/webtools/bugzilla/docs/en/rst/installing/windows.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/installing/windows.rst
@ -94,11 +94,7 @@ Serving the web pages
 As is the case on Unix based systems, any web server should
 be able to handle Bugzilla; however, the Bugzilla Team still
-recommends Apache whenever asked. No matter what web server
+recommends Apache whenever asked.
 you choose, be sure to pay attention to the security notes
 in :ref:`security-webserver-access`. More
 information on configuring specific web servers can be found
 in :ref:`http`.
 .. note:: The web server looks at :file:`/usr/bin/perl` to
   call Perl. If you are using Apache on windows, you can set the
--- a/mozilla/webtools/bugzilla/docs/en/rst/integrating/tips.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/integrating/tips.rst
@ -3,6 +3,4 @@
 Integration Tips
 ################
-
+XXX Do we have any of these?
--- a/mozilla/webtools/bugzilla/docs/en/rst/maintaining/backups.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/maintaining/backups.rst
@ -17,6 +17,12 @@ MySQL
 :command:`mysqldump --opt -u $USERNAME -p $DATABASENAME > backup.sql`
 See the
 `mysqldump documentation <http://dev.mysql.com/doc/mysql/en/mysqldump.html>`_
 for more information on :file:`mysqldump`.
 .. todo:: Mention max_allowed_packet?
 PostgreSQL
 ----------
--- a/mozilla/webtools/bugzilla/docs/en/rst/security.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/security.rst
@ -1,165 +0,0 @@
 .. _security:
 =================
 Bugzilla Security
 =================
 While some of the items in this chapter are related to the operating
 system Bugzilla is running on or some of the support software required to
 run Bugzilla, it is all related to protecting your data. This is not
 intended to be a comprehensive guide to securing Linux, Apache, MySQL, or
 any other piece of software mentioned. There is no substitute for active
 administration and monitoring of a machine. The key to good security is
 actually right in the middle of the word: *U R It*.
 While programmers in general always strive to write secure code,
 accidents can and do happen. The best approach to security is to always
 assume that the program you are working with isn't 100% secure and restrict
 its access to other parts of your machine as much as possible.
 .. _security-os:
 Operating System
 ################
 .. _security-os-ports:
 TCP/IP Ports
 ============
 .. COMMENT: TODO: Get exact number of ports
 The TCP/IP standard defines more than 65,000 ports for sending
 and receiving traffic. Of those, Bugzilla needs exactly one to operate
 (different configurations and options may require up to 3). You should
 audit your server and make sure that you aren't listening on any ports
 you don't need to be. It's also highly recommended that the server
 Bugzilla resides on, along with any other machines you administer, be
 placed behind some kind of firewall.
 .. _security-os-accounts:
 System User Accounts
 ====================
 Many daemons, such
 as Apache's :file:`httpd` or MySQL's
 :file:`mysqld`, run as either ``root`` or
 ``nobody``. This is even worse on Windows machines where the
 majority of services
 run as ``SYSTEM``. While running as ``root`` or
 ``SYSTEM`` introduces obvious security concerns, the
 problems introduced by running everything as ``nobody`` may
 not be so obvious. Basically, if you run every daemon as
 ``nobody`` and one of them gets compromised it can
 compromise every other daemon running as ``nobody`` on your
 machine. For this reason, it is recommended that you create a user
 account for each daemon.
 .. note:: You will need to set the ``webservergroup`` option
   in :file:`localconfig` to the group your web server runs
   as. This will allow :file:`./checksetup.pl` to set file
   permissions on Unix systems so that nothing is world-writable.
 .. _security-os-chroot:
 The :file:`chroot` Jail
 =======================
 If your system supports it, you may wish to consider running
 Bugzilla inside of a :file:`chroot` jail. This option
 provides unprecedented security by restricting anything running
 inside the jail from accessing any information outside of it. If you
 wish to use this option, please consult the documentation that came
 with your system.
 .. _security-webserver:
 Web server
 ##########
 .. _security-webserver-access:
 Disabling Remote Access to Bugzilla Configuration Files
 =======================================================
 There are many files that are placed in the Bugzilla directory
 area that should not be accessible from the web server. Because of the way
 Bugzilla is currently layed out, the list of what should and should not
 be accessible is rather complicated. A quick way is to run
 :file:`testserver.pl` to check if your web server serves
 Bugzilla files as expected. If not, you may want to follow the few
 steps below.
 .. note:: Bugzilla ships with the ability to create :file:`.htaccess`
   files that enforce these rules. Instructions for enabling these
   directives in Apache can be found in :ref:`http-apache`
 - In the main Bugzilla directory, you should:
  - Block: :file:`*.pl`, :file:`*localconfig*`
 - In :file:`data`:
  - Block everything
 - In :file:`data/webdot`:
  - If you use a remote webdot server:
    - Block everything
    - But allow :file:`*.dot`
      only for the remote webdot server
  - Otherwise, if you use a local GraphViz:
    - Block everything
    - But allow: :file:`*.png`, :file:`*.gif`, :file:`*.jpg`, :file:`*.map`
  - And if you don't use any dot:
    - Block everything
 - In :file:`Bugzilla`:
  - Block everything
 - In :file:`template`:
  - Block everything
 Be sure to test that data that should not be accessed remotely is
 properly blocked. Of particular interest is the localconfig file which
 contains your database password. Also, be aware that many editors
 create temporary and backup files in the working directory and that
 those should also not be accessible. For more information, see
 `bug 186383 <http://bugzilla.mozilla.org/show_bug.cgi?id=186383>`_
 or
 `Bugtraq ID 6501 <http://online.securityfocus.com/bid/6501>`_.
 To test, simply run :file:`testserver.pl`, as said above.
 .. note:: Be sure to check :ref:`http` for instructions
   specific to the web server you use.
 .. _security-bugzilla:
 Bugzilla
 ########
 .. _security-bugzilla-charset:
 Prevent users injecting malicious Javascript
 ============================================
 If you installed Bugzilla version 2.22 or later from scratch,
 then the *utf8* parameter is switched on by default.
 This makes Bugzilla explicitly set the character encoding, following
 `a
 CERT advisory <http://www.cert.org/tech_tips/malicious_code_mitigation.html#3>`_ recommending exactly this.
 The following therefore does not apply to you; just keep
 *utf8* turned on.
 If you've upgraded from an older version, then it may be possible
 for a Bugzilla user to take advantage of character set encoding
 ambiguities to inject HTML into Bugzilla comments.
 This could include malicious scripts.
 This is because due to internationalization concerns, we are unable to
 turn the *utf8* parameter on by default for upgraded
 installations.
 Turning it on manually will prevent this problem.
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/overview.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/overview.rst
@ -40,5 +40,5 @@ It is also possible, particularly if your server machine does not have and
 cannot be configured to have access to the public internet, to upgrade using
 a tarball. See :ref:`upgrading-with-a-tarball`.
-Before performing any upgrade, it's a good idea to back up both your Bugzilla
+Before performing any upgrade, it's a good idea to :ref:`back up <backups>`
-directory and your database. XXXlink to backup info in Maintenance
+both your Bugzilla directory and your database.
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-1.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-1.rst
@ -1,5 +1,3 @@
 :orphan:
 The procedure to switch to Git is as follows. The idea is to switch version
 control systems without changing the exact version of Bugzilla you are using,
 to minimise the risk of conflict or problems. Any major upgrade can then
@ -49,3 +47,28 @@ Then run checksetup to upgrade your database:
 You should then test your Bugzilla carefully, or just use it for a day or two,
 to make sure it's all still working fine.
 .. _get-from-git:
 Download Code from Git
 ======================
 Download a copy of your current version of Bugzilla from the git repository
 into a separate directory alongside your existing Bugzilla installation
 (which we will assume is in a directory called :file:`bugzilla`).
 You will need a copy of the git program. All Linux installations have it;
 search your package manager for "git". On Windows or Mac OS X, you can
 `download the official build <http://www.git-scm.com/downloads>`_.
 Once git is installed, run these commands to pull a copy of Bugzilla:
 :command:`git clone https://git.mozilla.org/bugzilla/bugzilla bugzilla-new`
 :command:`cd bugzilla-new`
 :command:`git checkout $VERSION`
 Replace $VERSION with the two-digit version number of your current Bugzilla, e.g.
 4.2. These command will automatically change your version to the latest
 point release of version $VERSION.
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-2.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-2.rst
@ -1,5 +1,3 @@
 :orphan:
 Save Any Local Customizations
 =============================
@ -18,7 +16,7 @@ Shut Down Bugzilla
 At this point, you should shut down Bugzilla to make sure nothing changes
 while you make the switch. Go into the administrative interface and put an
-appropriate message into the :guilabel:`shutdownhtml` parameter, which is in the
+appropriate message into the :param:`shutdownhtml` parameter, which is in the
 "General" section of the administration parameters. As the name implies, HTML
 is allowed.
@ -94,7 +92,7 @@ Re-enable Bugzilla
 ==================
 Go into the administrative interface and clear the contents of the
-:guilabel:`shutdownhtml` parameter.
+:param:`shutdownhtml` parameter.
 Test Bugzilla
 =============
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-bazaar.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-bazaar.rst
@ -8,5 +8,4 @@ Upgrading from Bazaar
 .. |extstatusinfo| replace:: The command :command:`bzr status extensions/` should help you work out what you added, if anything.
 .. include:: upgrading-from-1.rst
 .. include:: get-from-git.rst
 .. include:: upgrading-from-2.rst
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-cvs.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-from-cvs.rst
@ -3,14 +3,11 @@
 Upgrading from CVS
 ##################
-XXX Fill in commands from https://wiki.mozilla.org/Bugzilla:Moving_From_CVS_To_Bazaar
+.. |updatecommand| replace:: :command:`cvs update -rBUGZILLA-$VERSION-STABLE -dP`
-
+.. |diffcommand|   replace:: :command:`cvs diff -puN > patch.diff`
-.. |updatecommand| replace:: :command:`bzr up -r tag:bugzilla-$VERSION`
+.. |extstatusinfo| replace:: The command :command:`cvs status extensions/` should help you work out what you added, if anything.
 .. |diffcommand|   replace:: :command:`bzr diff > patch.diff`
 .. |extstatusinfo| replace:: The command :command:`bzr status extensions/` should help you work out what you added, if anything.
 .. include:: upgrading-from-1.rst
 .. include:: get-from-git.rst
 .. include:: upgrading-from-2.rst
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-with-a-tarball.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-with-a-tarball.rst
@ -17,6 +17,8 @@ Bugzilla installation (which we will assume is in a directory called
 :file:`bugzilla`).
 .. |diffcommand|   replace:: :command:`diff -u > patch.diff`
-.. |extstatusinfo| replace:: With no SCM to help you, you will have to work out by hand which extensions came with Bugzilla and which you added.
+.. |extstatusinfo| replace:: With no SCM to help you, you will have to
                             work out by hand which extensions came with
                             Bugzilla and which you added.
 .. include:: upgrading-from-2.rst
--- a/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-with-git.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/upgrading/upgrading-with-git.rst
@ -16,7 +16,7 @@ for you.
   to trial the upgrade on a development server first, using a copy of the
   production data and configuration.
-In the commands below, :command:`$BUGZILLA_HOME` represents the directory
+In the commands below, ``$BUGZILLA_HOME`` represents the directory
 in which Bugzilla is installed.
 .. _upgrade-before:
@ -40,7 +40,7 @@ steps to take:
   possible that you may experience problems during your upgrade.
 #. Shut down your Bugzilla installation by putting some explanatory text
-   in the :guilabel:`shutdownhtml` parameter.
+   in the :param:`shutdownhtml` parameter.
 #. Make all necessary :ref:`backups`.
   *THIS IS VERY IMPORTANT*. If anything goes wrong during the upgrade,
@ -107,7 +107,7 @@ Finishing The Upgrade
 =====================
 #. Reactivate Bugzilla by clear the text that you put into the
-   :guilabel:`shutdownhtml` parameter.
+   :param:`shutdownhtml` parameter.
 #. Run a :ref:`sanity-check` on your
   upgraded Bugzilla. It is recommended that you fix any problems
--- a/mozilla/webtools/bugzilla/docs/en/rst/using/editing.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/using/editing.rst
@ -31,7 +31,7 @@ field; Bugzilla will convert it into an attachment. This is pretty useful
 when you are copying and pasting, to avoid the extra step of saving the text
 in a temporary file.
-.. _flags:
+.. _editing-flags:
 Flags
 =====
--- a/mozilla/webtools/bugzilla/docs/en/rst/using/finding.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/using/finding.rst
@ -55,7 +55,7 @@ values. If none is selected, then the field can take any value.
 After a search is run, you can save it as a Saved Search, which
 will appear in the page footer. If you are in the group defined
 by the "querysharegroup" parameter, you may share your queries
-with other users, see :ref:`savedsearches` for more details.
+with other users, see :ref:`saved-searches` for more details.
 .. _custom-search:
--- a/mozilla/webtools/bugzilla/docs/en/rst/using/preferences.rst
+++ b/mozilla/webtools/bugzilla/docs/en/rst/using/preferences.rst
@ -98,7 +98,7 @@ Saved Searches
 On this tab you can view and run any Saved Searches that you have
 created, and also any Saved Searches that other members of the group
-defined in the :guilabel:`querysharegroup` parameter have shared.
+defined in the :param:`querysharegroup` parameter have shared.
 Saved Searches can be added to the page footer from this screen.
 If somebody is sharing a Search with a group she or he is allowed to
 :ref:`assign users to <groups>`, the sharer may opt to have
--- a/mozilla/webtools/bugzilla/extensions/Voting/doc/voting.rst
+++ b/mozilla/webtools/bugzilla/extensions/Voting/doc/voting.rst
@ -3,7 +3,7 @@
 Voting
 ######
-To enable the Voting exteion, you must remove the :file:`disabled`
+To enable the Voting extension, you must remove the :file:`disabled`
 file from the directory :file:`extensions/Voting/`, and run
 :file:`checksetup.pl`.
		`@ -1 +1 @@`
			`183bf9ac1928e570a922057954aa38e1d40dadb7`				`1d769a4744586b2a0125338aceece84733a6e5e3`