Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
in #2487592: CMI: don't ship with a default "active" directory that is empty in most Drupal installations we removed the active directory, but it is still mentioned in documentation
Proposed resolution
Fix documentation.
Remaining tasks
List all the links for the places active is mentioned
User interface changes
No
API changes
No
Data model changes
No
Comment | File | Size | Author |
---|---|---|---|
#25 | 2580569-25.patch | 3.44 KB | anavarre |
#24 | interdiff-23-24.txt | 1.16 KB | anavarre |
#24 | 2580569-24.patch | 3.44 KB | anavarre |
#23 | interdiff-20-23.txt | 606 bytes | snehi |
#23 | 2580569-23.patch | 3.44 KB | snehi |
Comments
Comment #2
Schnitzel CreditAttribution: Schnitzel at Amazee Labs commentedComment #3
Schnitzel CreditAttribution: Schnitzel at Amazee Labs commentedComment #4
Schnitzel CreditAttribution: Schnitzel at Amazee Labs commentedComment #5
YesCT CreditAttribution: YesCT commentedComment #6
jhodgdonIn the 3rd line here,
these locations => this location
Also... there is more in default.settings.php about the active directory, like:
Apparently this is incorrect now about "active" being created.
Also in the section about active configuration settings, I think an additional step needs to be put there that will somehow make a directory for the active configuration, if Core isn't going to do it, right?
Comment #7
Schnitzel CreditAttribution: Schnitzel at Amazee Labs commentedreroll and new patch with the comments from #6
Comment #8
Schnitzel CreditAttribution: Schnitzel at Amazee Labs commentedComment #9
anavarreOverall this is very good. I just have punctuation nits.
What about:
What about:
What about:
Comment #10
jhodgdonAgreed with #9. Much better punctuation indeed.
One more thought:
So here we're talking about CONFIG_ACTIVE_DIRECTORY but up above we're talking about 'active' and 'sync' [well, active has been removed, but you know what I mean].
I think we should probably just say the array key is 'active' here, or else we should use a constant for the sync directory above?
Comment #11
snehi CreditAttribution: snehi as a volunteer and at Publicis Sapient for Publicis Sapient commentedDone as suggested in #9.
Comment #12
jhodgdonWhat about #10?
Comment #13
anavarreIn
sites/default/default.settings.php
we also have:So we already demonstrate the use of a constant for the sync directory. Isn't the recommendation instead would be to suggest one method over the other? E.g.
$config_directories['active'] = '/path/to/active';
Instead of:
No opinion, really. Rather asking :-)
Comment #14
jhodgdonI don't care which way we go with this, but we are doing both now... Where is CONFIG_ACTIVE_DIRECTORY defined anyway, and would it actually be loaded before settings.php???
Comment #15
anavarreIt's defined in
core/includes/bootstrap.inc
so IIUC really early.const CONFIG_ACTIVE_DIRECTORY = 'active';
Going with 'active' to try and be consistent.
Comment #16
Schnitzel CreditAttribution: Schnitzel at Amazee Labs commentednice work! I like. Letting @jhodgdon review :)
Comment #17
jhodgdonIt's looking fairly good, but I think it still needs some work:
The punctuation/caps in these lines are wrong.
Should be:
... the file system. (This can ...
... below.)
This is kind of confusing.
It says "this setting allows you to override this location". After reading the first sentence, "this location" is only referring to the sync location.
Then the last sentence starts talking about the active location, which isn't covered by the first two sentences, so it doesn't make sense in context.
So does this setting affect active at all? If it does, it needs to be explained better. I think maybe it's where you record the directory you created manually, but if so it's quite different from what sync does (provide an override for where the directory is created).
Also... if you put an override here for sync, do you also have to create the directory yourself or will it be created in the location you specified during install? This is not clarified by the wording here.
You're not *defining* the path in $config_directories, you are more like recording it or telling the config system about it?
Also I think we normally call it "directory" not "folder" in our docs, right? Let's keep the terminology consistent.
And you might point out that the $config_directories setting is a ways above in the file. It's around line 200 and this is line 500 so they are pretty far apart, and it might not be obvious that you need to scroll back up and find it.
Comment #18
anavarre#17 - Makes total sense. It's all about the details.
I've also wrapped "sync" and "active" in double quotes to be consistent everywhere in settings.php while still be able to refer to the active configuration (without quotes) which has nothing to do with the "active" directory. Let me know if single quotes are preferred?
Comment #19
jhodgdonBetter, thanks! I still think it needs some work though:
Hm. Still not sure there is a "default location" for "active"?
below setting => setting below
I think this would be clearer if it said:
... outside your document root. Tell the system where this directory is by adding an entry with array key CONFIG_ACTIVE_DIRECTORY to this setting.
As it is... still confusing I think, because it's confusing the part about where to make this directory with how to tell Drupal about it.
Also... really I would put the sentence about enhancing security into the Active Configuration Settings section where it tells you to create this directory -- that seems like the logical place to say "And by the way you should put it outside your document root", not here? This section should only be about telling Drupal where you created the directory, I think.
See here it says I need to create the active directory, so from this I think there is no "default location" for this directory. It seems like Drupal won't know where it is unless I tell it where it is, right? And it seems I need to create it manually, so there is no default location, right?
And here is where I would put the part about putting this outside your document root for security.
Unless this bullet point is wrong...
Comment #20
anavarre#19
4. The way I understand it, "active" being deprecated it's on the developer to create it and give it their preferred location in
settings.php
- So no, no default location in that it doesn't exist, well, by default. Note theCONFIG_SYNC_DIRECTORY
value that only mentions a path outside of the Drupal docroot because its default location is normally underconfig_HASH
Drupal will alert you on the reports page if there's a configuration directory defined in
settings.php
that does not exist on the file system. I also can't think of a use case where customers will want to use "active" for the current configuration unless it's for development purposes, e.g. with config_devel or to define a different storage mechanism than the Drupal{{config}}
table.I've changed the following key|value to be more sensible since we only have one default CMI dir by default:
CONFIG_SYNC_DIRECTORY => '/directory/outside/webroot',
(dropped "some" too) - To give more context, here's how it was before "active" got removed completely:EDIT: extra whitespace on line 237 in the patch will be fixed with the next patch.
Comment #21
anavarreComment #22
jhodgdonIt does not really enhance security to put the *sync* directory outside the doc root. Only the active directory, as was stated in earlier patches. So I go back to what I said in my earlier review... I think we should put this note in the lower section that says to create this active directory. Right?
And yes, the extra space. ;)
The rest looks good though. Thanks!
Comment #23
snehi CreditAttribution: snehi as a volunteer and at Publicis Sapient for Publicis Sapient commentedMeanwhile removing whitespace.
Comment #24
anavarre#22 I think it does improve security because it means we're putting the "sync" directory in a location that is not virtually accessible to the world.
Regardless, tried to address your concerns with this patch.
Comment #25
anavarreSrly. Without white space. Same interdiff as previously.
Comment #26
jhodgdonThis seems good to me. Thanks!
Removing random tag. Adding RC eligible tag, as this is just documentation in the default settings.php file.
Comment #27
xjmExcellent work! Thanks for cleaning this up. Committed and pushed to 8.0.x.