enterprise-support team mailing list archive

Thread
Date

[Bug 2073349] [NEW] Please re-evaluate the libapache2-mod-* and their component placement

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Christian Ehrhardt  <2073349@xxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Jul 2024 06:54:54 -0000
Reply-to: Bug 2073349 <2073349@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Public bug reported:

The situation with various libapache2-mod-* is unclear, due to not
having had a deep look in what seems too long. Historically the more
common 6 plus a few deps and later a few for openstack have been in
main. That is a small subset of the currently 75 libapache2-mod-* that
are in the archive.

Note: This is not about the super-common modules like cache, ssl,
rewrite, deflate, ... as they are part of apache2 itself - it is only
about external mods extending apache2.

AFAICS right now for Oracular that includes:

Some via the back then popular lamp stack:
- libapache2-mod-php
Pulls in the versioned variant of the release like:
- libapache2-mod-php8.3

Several were related, but not directly depended on - yet they were considered important and added
- libapache2-mod-apparmor
- libapache2-mod-auth-pgsql
- libapache2-mod-auth-plain
- libapache2-mod-perl2
- libapache2-reload-perl

Some indirect auto-includes:
- libapache2-mod-perl2-dev
- libapache2-mod-perl2-doc

Others have been in main, but demoted since
- libapache2-mod-python

Python has been dropped by [1], due to python2.
But nowadays it is compatible with python3, so just re-add it right?
Yet I'm not a web-stack expert, are people using python using it through libapache2-mod-python or do they prefer mod_wsgi or even not doing that in apache? The same question could be asked for the others too.

Some further libapache2-mod-* packages are related to openstack:

Added for openstack:
- libapache2-mod-auth-mellon
via bug 1610286

- libapache2-mod-wsgi-py3
This initially got added for python-moin-moin, but that is itself is removed since a long time.
It is still used in openstack components though and hence held in main,
but still subscribed by server.

- libapache2-mod-auth-openidc
This is not in main, but still subscribed by the openstack team?

To make this more complex, most of these are in main since the dawn of archive-time:
- positive:
- the server team is subscribed to these for ages and there
rarely have been many issues in any of these except sometimes php
- negative:
- No MIR bugs, no extended rationale, no deep QA as we'd do today
- re-adding any probably needs MIRs to today's standards and
while touching one maybe we should get all handled.
But that makes this a much bigger task.

What might need to do from here:
1. Do an evaluation in more detail, engaging with web admins and developers:
- Should we re-add libapache2-mod-python to main?
- Should we instead drop some/all others from main?
- Ask internal web devs, ask ubuntu-devel, do research, ... up to you
2. Sync with openstack
- now that bionic is in ESM we'd not watch for mod-wsgi anymore
- coordinate for them to take over the subscription
3. sync with others as needed
- for example the odd subscribed not in main mod_auth_openidc
is that important or not? Contact the identity team which
would be important in their opinion?
4. depending on the outcome of #1/#2/#3
- should we re-MIR those we re-add, prepare that
- should we add new modules, prepare MIRs for those
- should we re-MIR the others already in main, prepare that

Or I'm totally off with my thoughts - after all I'm really not a web-stack expert.
This isn't urgent, if we found agreement on a way and get it resolved towards 26.04 that should be ok - which does not mean it is fine to wait. Such discussions and moves can take quite some time.

I think this will need to start with a discussion, then an assessment of the situation deeper than the 10 minutes I found and from there depending on what we decide.
Hence I tag this triage-discuss to get it started.

[1]: https://git.launchpad.net/~ubuntu-core-dev/ubuntu-
seeds/+git/ubuntu/commit/?id=0cd71d6e8ab8ef891b1b4498e2a085bdf14a3392

** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New

** Tags: server-triage-discuss

** Tags added: server-triage-discuss

--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2073349

Title:
Please re-evaluate the libapache2-mod-* and their component placement

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/2073349/+subscriptions