File: faq.xml

package info (click to toggle)
bugzilla 2.16.7-7sarge2
links: PTS
area: main
in suites: sarge
size: 4,696 kB
ctags: 492
sloc: perl: 20,289; xml: 6,856; sh: 338; makefile: 211; python: 172
file content (1489 lines) | stat: -rw-r--r-- 48,983 bytes
<!-- <!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook V4.1//EN"> -->

<appendix id="faq">
  <title>The Bugzilla FAQ</title>

  <para>
    This FAQ includes questions not covered elsewhere in the Guide.
  </para>
  
  <qandaset>


    <qandadiv id="faq-general">
      <title>General Questions</title>

      <qandaentry>
	<question id="faq-general-information">
	  <para>
	    Where can I find information about Bugzilla?</para>
	</question>
	<answer>
	  <para>
	    You can stay up-to-date with the latest Bugzilla
	    information at <ulink url="http://www.bugzilla.org/">
	    http://www.bugzilla.org/</ulink>
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-license">
	  <para>
	    What license is Bugzilla distributed under?
	  </para>
	</question>
	<answer>
	  <para>
	    Bugzilla is covered by the Mozilla Public License.
	    See details at <ulink url="http://www.mozilla.org/MPL/">
	    http://www.mozilla.org/MPL/</ulink>
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-support">
	  <para>
	    How do I get commercial support for Bugzilla?
	  </para>
	</question>
	<answer>
          <para>
            <ulink url="http://bugzilla.org/consulting.html"/>
            is a list of people and companies who have asked us to list them
            as consultants for Bugzilla.
          </para>
	  <para>
	    <ulink url="http://www.collab.net/">www.collab.net</ulink> offers
	    Bugzilla as part of their standard offering to large projects.
	    They do have some minimum fees that are pretty hefty, and generally
	    aren't interested in small projects.
	  </para>
	  <para>
	    There are several experienced
	    Bugzilla hackers on the mailing list/newsgroup who are willing
	    to make themselves available for generous compensation.
	    Try sending a message to the mailing list asking for a volunteer.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-companies">
	  <para>
	    What major companies or projects are currently using Bugzilla
	    for bug-tracking?
	  </para>
	</question>
	<answer>
	  <para>
	    There are <emphasis>dozens</emphasis> of major companies with public
	    Bugzilla sites to track bugs in their products.  A few include:
	    <simplelist>
	      <member>Netscape/AOL</member>
	      <member>Mozilla.org</member>
	      <member>NASA</member>
	      <member>Red Hat Software</member>
	      <member>SuSe Corp</member>
	      <member>The Horde Project</member>
	      <member>AbiSource</member>
	      <member>Real Time Enterprises, Inc</member>
	      <member>Eggheads.org</member>
	      <member>Strata Software</member>
	      <member>RockLinux</member>
	      <member>Creative Labs (makers of SoundBlaster)</member>
	      <member>The Apache Foundation</member>
	      <member>The Gnome Foundation</member>
	      <member>Ximian</member>
	      <member>Linux-Mandrake</member>
	    </simplelist>
	  </para>
	  <para>
	    Suffice to say, there are more than enough huge projects using Bugzilla
	    that we can safely say it's extremely popular.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-maintainers">
	  <para>
	    Who maintains Bugzilla?
	  </para>
	</question>
	<answer>
	  <para>
	    A 
      <ulink url="http://www.bugzilla.org/who_we_are.html">core team</ulink>,
      led by Dave Miller (justdave@bugzilla.org).      
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-compare">
	  <para>
	    How does Bugzilla stack up against other bug-tracking databases?
	  </para>
	</question>
	<answer>
	  <para>
	    We can't find any head-to-head comparisons of Bugzilla against
	    other defect-tracking software. If you know of one, please
      get in touch. However, from the author's personal
	    experience with other bug-trackers, Bugzilla offers
	    superior performance on commodity hardware, better price
	    (free!), more developer- friendly features (such as stored
	    queries, email integration, and platform independence),
	    improved scalability, open source code, greater
	    flexibility, and superior ease-of-use.
	  </para>
	  <para>
	    If you happen to be a commercial bug-tracker vendor, please
	    step forward with a list of advantages your product has over
      Bugzilla. We'd be happy to include it in the "Competitors"
      section.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-bzmissing">
	  <para>
	    Why doesn't Bugzilla offer this or that feature or compatibility
	    with this other tracking software?
	  </para>
	</question>
	<answer>
	  <para>
	    It may be that the support has not been built yet, or that you
	    have not yet found it.  Bugzilla is making tremendous strides in
	    usability, customizability, scalability, and user interface.  It
	    is widely considered the most complete and popular open-source
	    bug-tracking software in existence.
	  </para>
	  <para>
	    That doesn't mean it can't use improvement!
	    You can help the project along by either hacking a patch yourself
	    that supports the functionality you require, or else submitting a
	    "Request for Enhancement" (RFE) using the bug submission interface
	    at <ulink url="http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla">bugzilla.mozilla.org</ulink>.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-mysql">
	  <para>
	    Why MySQL?  I'm interested in seeing Bugzilla run on
	    Oracle/Sybase/Msql/PostgreSQL/MSSQL.
	  </para>
	</question>
	<answer>
	  <para>
            MySQL was originally chosen because it is free, easy to install,
            and was available for the hardware Netscape intended to run it on.
	  </para>
          <para>
            There is currently work in progress to make Bugzilla work on
            PostgreSQL and Sybase in the default distribution.  You can track
            the progress of these initiatives in bugs <ulink
            url="http://bugzilla.mozilla.org/show_bug.cgi?id=98304">98304</ulink>
            and <ulink
            url="http://bugzilla.mozilla.org/show_bug.cgi?id=173130">173130</ulink>
            respectively.
          </para>
          <para>
            Once both of these are done, adding support for additional
            database servers should be trivial.
          </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-general-bonsaitools">
	  <para>
	    Why do the scripts say
            <filename>/usr/bonsaitools/bin/perl</filename> instead of
	    <filename>/usr/bin/perl</filename> or something else?
	  </para>
	</question>
	<answer>
	  <para>
	     Mozilla.org used <filename>/usr/bonsaitools/bin/perl</filename>,
             because originally Terry wanted a place to put a version of Perl
             and other tools that was strictly under his control. 
          </para>
          <note>
            <para>
              This convention was abonded during the 2.17 development cycle so
              it will no longer be an issue when 2.18 comes out.
            </para>
          </note>
	</answer>
      </qandaentry>


      <qandaentry>
	<question id="faq-general-cookie">
	  <para>
	    Is there an easy way to change the Bugzilla cookie name?
	  </para>
	</question>
	<answer>
	  <para>
	    At present, no.
	  </para>
	</answer>
      </qandaentry>
      
    </qandadiv>

    <qandadiv id="faq-phb">
      <title>Managerial Questions</title>
      <para>
	<note>
	  <para>
	    Questions likely to be asked by managers. :-)
	  </para>
	</note>
      </para>

      <qandaentry>
	<question id="faq-phb-client">
	  <para>
	    Is Bugzilla web-based, or do you have to have specific software or
	    a specific operating system on your machine?
	  </para>
	</question>
	<answer>
	  <para>
	    It is web and e-mail based.  You can edit bugs by sending specially
	    formatted email to a properly configured Bugzilla, or control via the web.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-integration">
	  <para>
	    Can Bugzilla integrate with
	    Perforce (SCM software)?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes!  You can find more information elsewhere in "The Bugzilla
	    Guide" in the "Integration with Third-Party Products" section.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-projects">
	  <para>
	    Does Bugzilla allow the user to track multiple projects?
	  </para>
	</question>
	<answer>
	  <para>
	    Absolutely!  You can track any number of Products that can each be
            composed of any number of Components.
	  </para>
          <note>
            <para>There are only 55 groups available in version 2.16 of
            Bugzilla. If you are using product groups, this will also limit
            the number of products you can have. This limit does not exist in
            the current 2.17 development releases and will not exist in 2.18.
            </para>
          </note>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-sorting">
	  <para>
	    If I am on many projects, and search for all bugs assigned to me, will
	    Bugzilla list them for me and allow me to sort by project, severity etc?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-attachments">
	  <para>
	    Does Bugzilla allow attachments (text, screenshots, URLs etc)? If yes,
	    are there any that are NOT allowed?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes - any sort of attachment is allowed, although administrators can
      configure a maximum size.  
            Bugzilla gives the user the option of either using the MIME-type
            supplied by the browser, choosing from a pre-defined list or
            manually typing any arbitrary MIME-type. 
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-priorities">
	  <para>
	    Does Bugzilla allow us to define our own priorities and levels? Do we
	    have complete freedom to change the labels of fields and format of them, and
	    the choice of acceptable values?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes.  However, modifying some fields, notably those related to bug
	    progression states, also require adjusting the program logic to
	    compensate for the change.
	  </para>
	  <para>
	    There is no GUI for adding fields to Bugzilla at this
	    time.  You can follow development of this feature at
	    <ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=91037"/>.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-reporting">
	  <para>
	    Does Bugzilla provide any reporting features, metrics, graphs, etc? You
	    know, the type of stuff that management likes to see. :)
	  </para>
	</question>
	<answer>
	  <para>
	    Yes.  Look at <ulink url="http://bugzilla.mozilla.org/reports.cgi"/>
	    for samples of what Bugzilla can do in reporting and graphing.
	  </para>
	  <para>
            If you can not get the reports you want from the included reporting
            scripts, it is possible to hook up a professional reporting package
            such as Crystal Reports using ODBC. If you choose to do this,
            beware that giving direct access to the database does contain some
            security implications. Even if you give read-only access to the
            bugs database it will bypass the secure bugs features of Bugzilla.
	  </para>
          <note>
            <para>
              Bugzilla's current development versions can do a lot more in the
              way of reporting. To see examples, check out
              <ulink url="http://bugzilla.mozilla.org/report.cgi"/>.
            </para>
          </note>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-email">
	  <para>
	    Is there email notification and if so, what do you see when you get an
	    email?
	  </para>
	</question>
	<answer>
	  <para>
	    Email notification is user-configurable.  By default, the bug id and 
      Summary of the bug report accompany each email notification, along with
	    a list of the changes made.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-cclist">
	  <para>
	    Can email notification be set up to send to multiple
	    people, some on the To List, CC List, BCC List etc?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-emailapp">
	  <para>
	    Do users have to have any particular
	    type of email application?
	  </para>
	</question>
	<answer>
	  <para>
	    Bugzilla email is sent in plain text, the most compatible mail format
	    on the planet.
	    <note>
	      <para>
		If you decide to use the bugzilla_email integration features
		to allow Bugzilla to record responses to mail with the associated bug,
		you may need to caution your users to set their mailer to "respond
		to messages in the format in which they were sent".  For security reasons
		Bugzilla ignores HTML tags in comments, and if a user sends HTML-based
		email into Bugzilla the resulting comment looks downright awful.
	      </para>
	    </note>
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-data">
	  <para>
	    Does Bugzilla allow data to be imported and exported? If I had outsiders
	    write up a bug report using a MS Word bug template, could that template be
	    imported into "matching" fields? If I wanted to take the results of a query
	    and export that data to MS Excel, could I do that?
	  </para>
	</question>
	<answer>
          <para>
            Bugzilla can only output buglists as HTML in version 2.16. There
            are other formats available (CSV and RDF) in the newer development
            versions.
          </para>
          <para>
            Bugzilla can export bugs using <filename>xml.cgi</filename> with
            either a bug number or list of bug numbers.
          </para>
          <para>
            Currently the only script included with Bugzilla that can import
            data is <filename>importxml.pl</filename> which is intended to be
            used for importing the data generated by <filename>xml.cgi</filename>
            in association with bug moving. Any other use is left as an
            exercise for the user.
          </para>
          <para>
            There are also scripts included in the <filename>contrib/</filename>
            directory for using e-mail to import information into Bugzilla,
            but these scripts are not currently supported and included for
            educational purposes.
          </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-l10n">
	  <para>
	    Has anyone converted Bugzilla to another language to be used in other
	    countries? Is it localizable?
	  </para>
	</question>
	<answer>
	  <para>
            Yes.  For more information including available translated templates,
            see <ulink
            url="http://www.bugzilla.org/download.html#localizations"/>.
            The admin interfaces are still not included in these translated
            templates and is therefore still English only.  Also, there may be
            issues with the charset not being declared.  See <ulink
            url="http://bugzilla.mozilla.org/show_bug.cgi?id=126266">bug 126226</ulink>
            for more information.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-reports">
	  <para>
	    Can a user create and save reports? Can they do this in Word format?
	    Excel format?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes.  No.  Not in 2.16.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-searching">
	  <para>
	    Does Bugzilla have the ability to search by word, phrase, compound
	    search?
	  </para>
	</question>
	<answer>
	  <para>
	    You have no idea.  Bugzilla's query interface, particularly with the
	    advanced Boolean operators, is incredibly versatile.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-midair">
	  <para>
	     Does Bugzilla provide record locking when there is simultaneous access
	    to the same bug? Does the second person get a notice that the bug is in use
	    or how are they notified?
	  </para>
	</question>
	<answer>
	  <para>
	    Bugzilla does not lock records.  It provides mid-air collision detection,
	    and offers the offending user a choice of options to deal with the conflict.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-backup">
	  <para>
	    Are there any backup features provided?
	  </para>
	</question>
	<answer>
	  <para>
	    MySQL, the database back-end for Bugzilla, allows hot-backup of data.
	    You can find strategies for dealing with backup considerations
	    at <ulink url="http://www.mysql.com/doc/B/a/Backup.html">
	    http://www.mysql.com/doc/B/a/Backup.html</ulink>
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-livebackup">
	  <para>
	    Can users be on the system while a backup is in progress?
	  </para>
	</question>
	<answer>
	  <para>
	    Yes.  However, commits to the database must wait
	    until the tables are unlocked.  Bugzilla databases are typically
	    very small, and backups routinely take less than a minute.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
        <question id="faq-phb-cvsupdate">
          <para>
            How can I update the code and the database using CVS?
          </para>
        </question>
        <answer>
          <para>
            <orderedlist>
              <listitem>
                <para>
                  Make a backup of both your Bugzilla directory and the
                  database. For the Bugzilla directory this is as easy as
                  doing <command>cp -rp bugzilla bugzilla.bak</command>.
                  For the database, there's a number of options - see the
                  MySQL docs and pick the one that fits you best (the easiest
                  is to just make a physical copy of the database on the disk,
                  but you have to have the database server shut down to do
                  that without risking dataloss).
                </para>
              </listitem>

              <listitem>
                <para>
                  Make the Bugzilla directory your current directory.
                </para>
              </listitem>

              <listitem>
                <para>
                  Use <command>cvs -q update -AdP</command> if you want to
                  update to the tip or
                  <command>cvs -q update -dP -rTAGNAME</command>
                  if you want a specific version (in that case you'll have to
                  replace TAGNAME with a CVS tag name such as BUGZILLA-2_16_5).
                </para>

                <para>
                  If you've made no local changes, this should be very clean.
                  If you have made local changes, then watch the cvs output
                  for C results. If you get any lines that start with a C
                  it means there  were conflicts between your local changes
                  and what's in CVS. You'll need to fix those manually before
                  continuing.
                </para>
              </listitem>

              <listitem>
                <para>
                  After resolving any conflicts that the cvs update operation
                  generated, running <command>./checksetup.pl</command> will
                  take care of updating the database for you as well as any
                  other changes required for the new version to operate.
                </para>

                <warning>
                  <para>
                    Once you run checksetup.pl, the only way to go back is
                    to restore the database backups. You can't "downgrade"
                    the system cleanly under most circumstances.
                  </para>
                </warning>
              </listitem>
            </orderedlist>
          </para>
        </answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-maintenance">
	  <para>
	    What type of human resources are needed to be on staff to install and
	    maintain Bugzilla? Specifically, what type of skills does the person need to
	    have? I need to find out if we were to go with Bugzilla, what types of
	    individuals would we need to hire and how much would that cost vs buying an
	    "Out-of-the-Box" solution.
	  </para>
	</question>
	<answer>
	  <para>
	    If Bugzilla is set up correctly from the start, continuing maintenance
      needs are minimal and can be done easily using the web interface.
	  </para>
	  <para>
	    Commercial Bug-tracking software typically costs somewhere upwards
	    of $20,000 or more for 5-10 floating licenses.  Bugzilla consultation
	    is available from skilled members of the newsgroup. Simple questions
      are answered there and then.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-installtime">
	  <para>
	    What time frame are we looking at if we decide to hire people to install
	    and maintain the Bugzilla? Is this something that takes hours or weeks to
	    install and a couple of hours per week to maintain and customize or is this
	    a multi-week install process, plus a full time job for 1 person, 2 people,
	    etc?
	  </para>
	</question>
	<answer>
	  <para>
	    It all depends on your level of commitment.  Someone with much Bugzilla
	    experience can get you up and running in less than a day, and
	    your Bugzilla install can run untended for years.  If your
	    Bugzilla strategy is critical to your business workflow, hire somebody
	    with reasonable UNIX or Perl skills to handle your process management and
	    bug-tracking maintenance &amp; customization.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-phb-cost">
	  <para>
	    Is there any licensing fee or other fees for using Bugzilla? Any
	    out-of-pocket cost other than the bodies needed as identified above?
	  </para>
	</question>
	<answer>
	  <para>
	    No.  MySQL asks, if you find their product valuable, that you purchase
	    a support contract from them that suits your needs.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
        <question id="faq-phb-reloginEveryone">
          <para>
            Why do users have to log in every time they access a page? This
            affects everyone who accesses my Bugzilla. (If this only affects
            some of your users, see the next FAQ item.)
          </para>
        </question>
        <answer>
          <para>
            The most-likely cause is that the "cookiepath" parameter is not set
            correctly in the Bugzilla configuration.  You can change this (if
            you're a Bugzilla administrator) from the editparams.cgi page
            via the web.
          </para>
          <para>
            The value of the cookiepath parameter should be the actual directory
            containing your Bugzilla installation, <emphasis>as seen by the
            end-user's web browser</emphasis>. Leading and trailing slashes are
            mandatory. You can also set the cookiepath to any directory which
            is a parent of the Bugzilla directory (such as '/', the root
            directory). But you can't put something that isn't at least
            a partial match or it won't work. What you're actually doing
            is restricting the end-user's browser to sending the cookies
            back only to that directory.
          </para>
          <para>
            How do you know if you want your specific Bugzilla directory or the
            whole site?
          </para>

          <para>
            If you have only one Bugzilla running on the server, and you
            don't mind having other applications on the same server with it
            being able to see the cookies (you might be doing this on purpose
            if you have other things on your site that share authentication with
            Bugzilla), then you'll want to have the cookiepath set to "/", or to
            a sufficiently-high enough directory that all of the involved apps
            can see the cookies.
          </para>
          <para>
            Examples:

            <blockquote>
              <literallayout>
        urlbase is <ulink url="http://bugzilla.mozilla.org/"/>
        cookiepath is /

        urlbase is <ulink url="http://tools.mysite.tld/bugzilla/"/>
                but you have http://tools.mysite.tld/someotherapp/ which shares
                authentication with your Bugzilla
        cookiepath is /
              </literallayout>
            </blockquote>
          </para>
          
         <para>
            On the other hand, if you have more than one Bugzilla
            running on the server (some people do - we do on landfill)
            then you need to have the cookiepath restricted enough
            so that the different Bugzillas don't
            confuse their cookies with one another.
          </para>
          <para>
            Examples:

            <blockquote>
              <literallayout>
        urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-tip/"/>
        cookiepath is /bugzilla-tip/

        urlbase is <ulink url="http://landfill.bugzilla.org/bugzilla-2.16-branch/"/>
        cookiepath is /bugzilla-2.16-branch/
              </literallayout>
            </blockquote>
          </para>

          <para>
            If you had cookiepath set to / at any point in the past and
            need to set it to something more restrictive (i.e. /bugzilla/),
            you can safely do this without requiring users to delete
            their Bugzilla-related cookies in their browser (this is
            true starting with Bugzilla 2.17.7 and Bugzilla 2.16.5).
          </para>
        </answer>
      </qandaentry>

      <qandaentry>
        <question id="faq-phb-reloginSome">
          <para>
            Why do users have to log in every time they access a page? This
            only seems to affect some of my Bugzilla's users, others stay
            logged in.
          </para>
        </question>
        <answer>
          <para>
            First, make sure cookies are enabled in the user's browser.
          </para>
          <para>
            If that doesn't fix the problem, it may be that
            the user's ISP implements a rotating proxy server. This causes
            the user's effective IP address (the address which the Bugzilla server
            perceives him coming from) to change periodically. Since
            Bugzilla cookies are tied to a specific IP address, each time
            the effective address changes, the user will have to log in again.
          </para>
          <para>
            In newer versions of Bugzilla (2.17.1 and later) there is a
            parameter called "loginnetmask", which you can use to set the
            number of bits of the user's IP address to require to be matched
            when authenticating the cookies. If you set this to something less
            than 32, then the user will be given a checkbox for "Restrict this
            login to my IP address" on the login screen, which defaults to
            checked. If they leave the box checked, Bugzilla will behave the
            same as it did before, requiring an exact match on their IP address
            to remain logged in. If they uncheck the box, then only the left
            side of their IP address (up to the number of bits you specified in
            the parameter) has to match to remain logged in.
          </para>
        </answer>  
      </qandaentry>

    </qandadiv>

    <qandadiv id="faq-security">
      <title>Bugzilla Security</title>

      <qandaentry>
	<question id="faq-security-mysql">
	  <para>
	    How do I completely disable MySQL security if it's giving me problems
	    (I've followed the instructions in the installation section of this guide)?
	  </para>
	</question>
	<answer>
	  <para>
	    Run MySQL like this: "mysqld --skip-grant-tables".  Please remember <emphasis>this
	    makes MySQL as secure as taping a $100 to the floor of a football stadium
	    bathroom for safekeeping.</emphasis> 
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-security-knownproblems">
	  <para>
	    Are there any security problems with Bugzilla?
	  </para>
	</question>
	<answer>
	  <para>
	    The Bugzilla code has undergone a reasonably complete security audit,
      and user-facing CGIs run under Perl's taint mode. However, 
	    it is recommended that you closely examine permissions on your Bugzilla
	    installation, and follow the recommended security guidelines found
	    in The Bugzilla Guide.
	  </para>
	</answer>
      </qandaentry>


      <qandaentry>
	<question id="faq-security-mysqluser">
	  <para>
	    I've implemented the security fixes mentioned in Chris Yeh's security
	    advisory of 5/10/2000 advising not to run MySQL as root, and am running into
	    problems with MySQL no longer working correctly.
	  </para>
	</question>
	<answer>
	  <para>
	    This is a common problem, related to running out of file descriptors.
	    Simply add "ulimit -n unlimited" to the script which starts
	    mysqld.
	  </para>
	</answer>
      </qandaentry>
    </qandadiv>

    <qandadiv id="faq-email">
      <title>Bugzilla Email</title>

      <qandaentry>
	<question id="faq-email-nomail">
	  <para>
	    I have a user who doesn't want to receive any more email from Bugzilla.
	    How do I stop it entirely for this user?
	  </para>
	</question>
	<answer>
	  <para>
	    The user should be able to set
	    this in user email preferences (uncheck all boxes) or you can add
            their email address to the <filename>data/nomail</filename> file.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-email-testing">
	  <para>
	    I'm evaluating/testing Bugzilla, and don't want it to send email to
	    anyone but me. How do I do it?
	  </para>
	</question>
	<answer>
	  <para>
	    Edit the "newchangedmail" Param. Replace "To:" with "X-Real-To:",
	    replace "Cc:" with "X-Real-CC:", and add a "To: &lt;youremailaddress&gt;".
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-email-whine">
	  <para>
	    I want whineatnews.pl to whine at something more, or other than, only new
	    bugs. How do I do it?
	  </para>
	</question>
	<answer>
	  <para>
	    Try Klaas Freitag's excellent patch for "whineatassigned" functionality.
	    You can find it at <ulink
            url="http://bugzilla.mozilla.org/show_bug.cgi?id=6679"/>. This
	    patch is against an older version of Bugzilla, so you must apply
	    the diffs manually.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-email-procmail">
	  <para>
	    I don't like/want to use Procmail to hand mail off to bug_email.pl.
	    What alternatives do I have?
	  </para>
	</question>
	<answer>
	  <para>
	    You can call bug_email.pl directly from your aliases file, with
	    an entry like this:
	    <blockquote>
	      <para>
		bugzilla-daemon: "|/usr/local/bin/bugzilla/contrib/bug_email.pl"
	      </para>
	    </blockquote>
	    However, this is fairly nasty and subject to problems; you also
	    need to set up your smrsh (sendmail restricted shell) to allow
	    it.  In a pinch, though, it can work.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-email-mailif">
	  <para>
	    How do I set up the email interface to submit/change bugs via email?
	  </para>
	</question>
	<answer>
	  <para>
	    You can find an updated README.mailif file in the contrib/ directory
	    of your Bugzilla distribution that walks you through the setup.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-email-sendmailnow">
	  <para>
	    Email takes FOREVER to reach me from Bugzilla -- it's extremely slow.
	    What gives?
	  </para>
	</question>
	<answer>
	  <para>
	    If you are using an alternate Mail Transport Agent (MTA other than
	    sendmail), make sure the options given in the "processmail" and other
      scripts for all
	    instances of "sendmail" are correct for your MTA.
	  </para>
	  <para>
	    If you are using Sendmail, try enabling "sendmailnow" in editparams.cgi.
            If you are using Postfix, you will also need to enable <quote>sendmailnow</quote>.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-email-nonreceived">
	  <para>
	     How come email from Bugzilla changes never reaches me?
	  </para>
	</question>
	<answer>
	  <para>
	    Double-check that you have not turned off email in your user preferences.
	    Confirm that Bugzilla is able to send email by visiting the "Log In"
	    link of your Bugzilla installation and clicking the "Email me a password"
	    button after entering your email address.
	  </para>
	  <para>
	    If you never receive mail from Bugzilla, chances you do not have
	    sendmail in "/usr/lib/sendmail".  Ensure sendmail lives in, or is symlinked
	    to, "/usr/lib/sendmail".
	  </para>
	</answer>
      </qandaentry>
    </qandadiv>

    <qandadiv id="faq-db">
      <title>Bugzilla Database</title>

      <qandaentry>
	<question id="faq-db-oracle">
	  <para>
	    I've heard Bugzilla can be used with Oracle?
	  </para>
	</question>
	<answer>
	  <para>
            Red Hat's old version of Bugzilla (based on 2.8) worked on Oracle.
            Red Hat's newer version (based on 2.17.1 and soon to be merged into
            the main distribution) runs on PostgreSQL.  At this time we know of
            no recent ports of Bugzilla to Oracle but do intend to support it
            in the future (possibly the 2.20 time-frame).
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-db-corrupted">
	  <para>
	    I think my database might be corrupted, or contain invalid entries. What
	    do I do?
	  </para>
	</question>
	<answer>
	  <para>
	    Run the <quote>sanity check</quote> utility
	    (<filename>./sanitycheck.cgi</filename> in the
	    Bugzilla_home directory) from your web browser to see! If
	    it finishes without errors, you're
	    <emphasis>probably</emphasis> OK.  If it doesn't come back
	    OK (i.e. any red letters), there are certain things
	    Bugzilla can recover from and certain things it can't.  If
	    it can't auto-recover, I hope you're familiar with
	    mysqladmin commands or have installed another way to
	    manage your database.  Sanity Check, although it is a good
	    basic check on your database integrity, by no means is a
	    substitute for competent database administration and
	    avoiding deletion of data.  It is not exhaustive, and was
	    created to do a basic check for the most common problems
	    in Bugzilla databases.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-db-manualedit">
	  <para>
	    I want to manually edit some entries in my database. How?
	  </para>
	</question>
	<answer>
	  <para>
	     There is no facility in Bugzilla itself to do this. It's also generally
	    not a smart thing to do if you don't know exactly what you're doing.
	    However, if you understand SQL you can use the <command>mysql</command>
            command line utility to manually insert, delete and modify table
            information.  There are also more intuitive GUI clients available.
            Personal favorites of the Bugzilla team are <ulink
            url="http://www.phpmyadmin.net/">phpMyAdmin</ulink> and <ulink
            url="http://www.mysql.com/downloads/gui-mycc.html">MySQL Control
            Center</ulink>.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-db-permissions">
	  <para>
	    I think I've set up MySQL permissions correctly, but Bugzilla still can't
	    connect.
	  </para>
	</question>
	<answer>
	  <para>
	    Try running MySQL from its binary: "mysqld --skip-grant-tables". This
	    will allow you to completely rule out grant tables as the cause of your
            frustration. If this Bugzilla is able to connect at this point then
            you need to check that you have granted proper permission to the user
            password combo defined in <filename>localconfig</filename>.
          </para>
          <warning>
            <para>
              Running MySQL with this command line option is very insecure and
              should only be done when not connected to the external network
              as a troubleshooting step.
            </para>
          </warning>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-db-synchronize">
	  <para>
	    How do I synchronize bug information among multiple different Bugzilla
	    databases?
	  </para>
	</question>
	<answer>
	  <para>
	    Well, you can synchronize or you can move bugs.  Synchronization will
	    only work one way -- you can create a read-only copy of the database
	    at one site, and have it regularly updated at intervals from the main
	    database.
	  </para>
	  <para>
	    MySQL has some synchronization features builtin to the latest releases.
	    It would be great if someone looked into the possibilities there
	    and provided a report to the newsgroup on how to effectively
	    synchronize two Bugzilla installations.
	  </para>
	  <para>
	    If you simply need to transfer bugs from one Bugzilla to another,
	    checkout the "move.pl" script in the Bugzilla distribution.
	  </para>
	</answer>
      </qandaentry>
    </qandadiv>

    <qandadiv id="faq-nt">
      <title>Bugzilla and Win32</title>

      <qandaentry>
	<question id="faq-nt-easiest">
	  <para>
	    What is the easiest way to run Bugzilla on Win32 (Win98+/NT/2K)?
	  </para>
	</question>
	<answer>
	  <para>
	    Remove Windows. Install Linux. Install Bugzilla.
	    The boss will never know the difference.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-nt-bundle">
	  <para>
	    Is there a "Bundle::Bugzilla" equivalent for Win32?
	  </para>
	</question>
	<answer>
	  <para>
	    Not currently.  Bundle::Bugzilla enormously simplifies Bugzilla
	    installation on UNIX systems.  If someone can volunteer to
	    create a suitable PPM bundle for Win32, it would be appreciated.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-nt-mappings">
	  <para>
	    CGI's are failing with a "something.cgi is not a valid Windows NT
	    application" error. Why?
	  </para>
	</question>
	<answer>
	  <para>
	    Depending on what Web server you are using, you will have to configure
	    the Web server to treat *.cgi files as CGI scripts. In IIS, you do this by
	    adding *.cgi to the App Mappings with the &lt;path&gt;\perl.exe %s %s as the
	    executable.
	  </para>
	  <para>
	    Microsoft has some advice on this matter, as well:
	    <blockquote>
	      <para>
		"Set application mappings. In the ISM, map the extension for the script
		file(s) to the executable for the script interpreter. For example, you might
		map the extension .py to Python.exe, the executable for the Python script
		interpreter. Note For the ActiveState Perl script interpreter, the extension
		.pl is associated with PerlIS.dll by default. If you want to change the
		association of .pl to perl.exe, you need to change the application mapping.
		In the mapping, you must add two percent (%) characters to the end of the
		pathname for perl.exe, as shown in this example: c:\perl\bin\perl.exe %s %s"
	      </para>
	    </blockquote>
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-nt-dbi">
	  <para>
	    I'm having trouble with the perl modules for NT not being able to talk to
	    to the database.
	  </para>
	</question>
	<answer>
	  <para>
	    Your modules may be outdated or inaccurate. Try:
	    <orderedlist>
	      <listitem>
		<para>
		  Hitting http://www.activestate.com/ActivePerl
		</para>
	      </listitem>
	      <listitem>
		<para>
		  Download ActivePerl
		</para>
	      </listitem>
	      <listitem>
		<para>
		  Go to your prompt
		</para>
	      </listitem>
	      <listitem>
		<para>
		  Type 'ppm'
		</para>
	      </listitem>
	      <listitem>
		<para>
		  <prompt>PPM></prompt> <command>install DBI DBD-mysql GD</command>
		</para>
	      </listitem>
	    </orderedlist>
	    I reckon TimeDate and Data::Dumper come with the activeperl. You can check
	    the ActiveState site for packages for installation through PPM.
	    <ulink url=" http://www.activestate.com/Packages/">
	      http://www.activestate.com/Packages/</ulink>
	  </para>
	</answer>
      </qandaentry>

    </qandadiv>

    <qandadiv id="faq-use">
      <title>Bugzilla Usage</title>

      <qandaentry>
	<question id="faq-use-changeaddress">
	  <para>
	    How do I change my user name (email address) in Bugzilla?
	  </para>
	</question>
	<answer>
	  <para>
	    New in 2.16 - go to the Account section of the Preferences. You will
      be emailed at both addresses for confirmation.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-use-query">
	  <para>
	    The query page is very confusing.  Isn't there a simpler way to query?
	  </para>
	</question>
	<answer>
	  <para>
	    The interface was simplified by a UI designer for 2.16. Further
      suggestions for improvement are welcome, but we won't sacrifice power for
      simplicity.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-use-accept">
	  <para>
	    I'm confused by the behavior of the "accept" button in the Show Bug form.
	    Why doesn't it assign the bug to me when I accept it?
	  </para>
	</question>
	<answer>
	  <para>
	    The current behavior is acceptable to bugzilla.mozilla.org and most
	    users.  You have your choice of patches
	    to change this behavior, however.
	    <simplelist>
	      <member><ulink url="http://bugzilla.mozilla.org/showattachment.cgi?attach_id=8029">
		Add a "and accept bug" radio button</ulink></member>
	      <member><ulink url="http://bugzilla.mozilla.org/showattachment.cgi?attach_id=8153">
		"Accept" button automatically assigns to you</ulink></member>
	    </simplelist>
	    Note that these patches are somewhat dated.  You will need to apply
      them manually.  
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-use-attachment">
	  <para>
	    I can't upload anything into the database via the "Create Attachment"
	    link.  What am I doing wrong?
	  </para>
	</question>
	<answer>
	  <para>
	    The most likely cause is a very old browser or a browser that is
	    incompatible with file upload via POST.  Download the latest Netscape,
	    Microsoft, or Mozilla browser to handle uploads correctly.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-use-keyword">
	  <para>
	    How do I change a keyword in Bugzilla, once some bugs are using it?
	  </para>
	</question>
	<answer>
	  <para>
	    In the Bugzilla administrator UI, edit the keyword and it will let you
	    replace the old keyword name with a new one.  This will cause a problem
	    with the keyword cache.  Run sanitycheck.cgi to fix it.
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
    <question id="faq-use-close">
      <para>
        Why can't I close bugs from the "Change Several Bugs at Once" page?
      </para>
    </question>
    <answer>
      <para>
        The logic flow currently used is RESOLVED, then VERIFIED, then CLOSED.
        You <emphasis>can</emphasis> mass-CLOSE bugs from the change several
        bugs at once page. <emphasis>but</emphasis>, every bug listed on the
        page has to be in VERIFIED state before the control to do it will show
        up on the form. You can also mass-VERIFY, but every bug listed has to be
        RESOLVED in order for the control to show up on the form. The logic
        behind this is that if you pick one of the bugs that's not VERIFIED and
        try to CLOSE it, the bug change will fail miserably (thus killing any
        changes in the list after it while doing the bulk change) so it doesn't
        even give you the choice.
      </para>
    </answer>
      </qandaentry>


    </qandadiv>

    <qandadiv id="faq-hacking">
      <title>Bugzilla Hacking</title>

      <qandaentry>
	<question id="faq-hacking-bugzillabugs">
	  <para>
	    What bugs are in Bugzilla right now?
	  </para>
	</question>
	<answer>
	  <para>
	    Try <ulink url="http://bugzilla.mozilla.org/buglist.cgi?bug_status=NEW&amp;bug_status=ASSIGNED&amp;bug_status=REOPENED&amp;product=Bugzilla">
	    this link</ulink> to view current bugs or requests for
	    enhancement for Bugzilla.
	  </para>
	  <para>
	    You can view bugs marked for 2.18 release
	    <ulink url="http://bugzilla.mozilla.org/buglist.cgi?product=Bugzilla&amp;target_milestone=Bugzilla+2.18">here</ulink>.
	    This list includes bugs for the 2.18 release that have already
	    been fixed and checked into CVS.  Please consult the
	    <ulink url="http://www.bugzilla.org/">
	      Bugzilla Project Page</ulink> for details on how to
	    check current sources out of CVS so you can have these
	    bug fixes early!
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-hacking-priority">
	  <para>
	    How can I change the default priority to a null value?  For instance, have the default
	    priority be "---" instead of "P2"?
	  </para>
	</question>
	<answer>
	  <para>
	    This is well-documented here: <ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=49862">
	    http://bugzilla.mozilla.org/show_bug.cgi?id=49862</ulink>.  Ultimately, it's as easy
	    as adding the "---" priority field to your localconfig file in the appropriate area,
	    re-running checksetup.pl, and then changing the default priority in your browser using
	    "editparams.cgi". 
	  </para>
	</answer>
      </qandaentry>

      <qandaentry>
	<question id="faq-hacking-patches">
	  <para>
	    What's the best way to submit patches?  What guidelines should I follow?
	  </para>
	</question>
	<answer>
	  <blockquote>
	    <orderedlist>
	      <listitem>
		<para>
		  Enter a bug into bugzilla.mozilla.org for the <quote><ulink
                  url="http://bugzilla.mozilla.org/enter_bug.cgi?product=Bugzilla">Bugzilla</ulink></quote>
                  product.
		</para>
	      </listitem>
	      <listitem>
		<para>
		  Upload your patch as a unified diff (having used "diff -u" against
		  the <emphasis>current sources</emphasis> checked out of CVS),
		  or new source file by clicking
		  "Create a new attachment" link on the bug page you've just created, and
		  include any descriptions of database changes you may make, into the bug
		  ID you submitted in step #1.  Be sure and click the "Patch" checkbox
		  to indicate the text you are sending is a patch!
		</para>
	      </listitem>
	      <listitem>
		<para>
		  Announce your patch and the associated URL
		  (http://bugzilla.mozilla.org/show_bug.cgi?id=XXXXXX) for discussion in
		  the newsgroup (netscape.public.mozilla.webtools).  You'll get a really
		  good, fairly immediate reaction to the implications of your patch,
		  which will also give us an idea how well-received the change would
		  be.
		</para>
	      </listitem>
	      <listitem>
		<para>
		  If it passes muster with minimal modification, the person to whom
		  the bug is assigned in Bugzilla is responsible for seeing the patch
		  is checked into CVS.
		</para>
	      </listitem>
	      <listitem>
		<para>
		  Bask in the glory of the fact that you helped write the most successful
		  open-source bug-tracking software on the planet :)
		</para>
	      </listitem>
	    </orderedlist>
	  </blockquote>
	</answer>
      </qandaentry>


    </qandadiv>

  </qandaset>

</appendix>


<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-always-quote-attributes:t
sgml-auto-insert-required-elements:t
sgml-balanced-tag-edit:t
sgml-exposed-tags:nil
sgml-general-insert-case:lower
sgml-indent-data:t
sgml-indent-step:2
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
sgml-minimize-attributes:nil
sgml-namecase-general:t
sgml-omittag:t
sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter")
sgml-shorttag:t
sgml-tag-region-if-active:t
End:
-->