Product Review: Mantis Bug Tracker
Having fiddled with Bugzilla and experiencing the pain that comes from setting the monster up for the first time, I was interested when pointed in the direction of Mantis, a fairly lightweight bug tracker written in PHP4 and MySQL. Mantis is advertised to run on Linux, *BSD, Solaris, Mac OS, OS/2 and even Win32, so long as the web server supports PHP4, and PHP4 can access a MySQL database somewhere. The software is GPL and runs on any Pentium-class machine with enough RAM to avoid thrashing. (The author's development box is a P-233 with 128MB of RAM.)
After poking around Mantis' fairly well laid out web site, I popped over to the Debian packages page and discovered that Mantis already has made it into Woody. This should be easy, I thought--apt-get install mantis. I'll spare you the pain and leave you with the following caveats: you want to have mysql-server up and running before you begin, and you also want to grab PHP4, not PHP3. If you're using dselect or better instead of pure apt-get, it should give you this option. Also, Debian does not auto-enable PHP4 in Apache, nor does it auto-enable MySQL in PHP when you install php4-mysql. These points are in no way a reflection on Mantis, but simply a way to spare you, the readers, some considerable pain.
Once I finally got a login screen, though, the pain level dropped considerably. Per Mantis' installation instructions, I logged in as administrator, made a new admin login, deleted the old one (with the canned password) and was up and running. Performance was pretty darn snappy on my 256MB 1GHz Duron desktop box, which runs my entire desktop under KDE. Like any good administrator, I first created a normal user, using the Sign Me Up link on the login page. E-mail promptly was dispatched to the appropriate address, the password was retrieved and I was in. Time to report a bug, but I needed a project on which to report a bug. Log out and then back in as the admin user so you can make a project. Back on as my lowly reporter-class user, I find I can't fill in the required Category field. Then I remembered that the documents said, "Remember to add at least one category for your project! Otherwise, you won't be able to enter bug reports." Right. So, I went to Manage projects, created a category named General, flipped back to the other user and, presto, I had a bug.
The View bugs page is color-coded according to bug status. In the version I tested (0.17.1-2.5), they were hard-coded with a rainbow of colors, from a pale red for new through blue-green for resolved and the traditional grey for closed. I am told the newer versions, which can be obtained as tarballs, are quite a bit more configurable. The pages are fairly plain but quite readable, and good use of shading, bold and italic text, borders and other graphics-light but effective visual cues made the system a pleasure to use.
The Report Bug page, presumably the one most used by inexperienced users, has links from all but the Upload File fields to the appropriate places in the documentation. A copy of this is kept under the local installation so you're not dependent on a third party for help. A link to the master documentation page can be found on the navigation bar across the top, which then has links to both Mantis' own documentation and project documentation; users of sufficient status can upload new documentation to the project. In all, there are six levels of access: viewer, reporter, updater, developer, manager and administrator, in order of increasing access level.
Users have a number of choices as to what data they see, both in the system and in e-mail. They can choose to default to Advanced screens on reporting, viewing and updating screens. They also can choose which events trigger an e-mail to them, as well as set up a default project. Mantis supports multiple projects, each with its own set of defaults and security arrangements. Users can choose even which language Mantis speaks to them from more than a dozen options, including two dialects each of Portuguese and French. All of these abilities are impressive for a relatively lightweight web application. A fairly complete statistics page is available that sorts by almost every category Mantis handles, including per-developer and per-reporter statistics. This statistic page doesn't export to CSV yet, but it does practically everything else. The View Bugs page, though, does export to CSV, so you can access the raw data. And the View Bugs page filters and sorts by most categories as well, making it a statistician's dream.
Administrators can edit site news, which appears on the main page after you log in. News items, shown in quasi-blog format, can be for a single project or site-wide. Administrators also can add users without needing them to sign up over e-mail, as well as all the other munging of the site one would expect. Other user levels have lesser privileges; the levels are not as well documented as I would like, but I expect the documentation to improve as the project continues.
Which brings me to versioning. Debian Stable (Woody), as is often the case, contains an older version of Mantis. Although I used and reviewed 0.17.1-2.5, version 0.18.0a4 currently is listed as the latest version; it's the Alpha 4 release leading up to version 0.18.0. A number of minor bugs and some security issues have been fixed in the newer version, while performance enhancements and the ability to upgrade from older versions have been added. The latest Mantis-designated stable version, 0.17.5-4, is available as a .deb package from the Debian Testing (Sarge) archives. If you want security but really want to stay with Debian-approved packages, use it. For those unafraid of the bleeding edge, grab the tarball and have fun. One might even consider rolling one's own .deb from it, but even I haven't gotten that far yet.
Speaking of fun, once I got past Debian's packaging issues, exploring Mantis was pretty darn fun. The only unexpected things either were defined clearly in the documentation--make a category--or were marked as fixed in later versions on the site's web page. Mantis' layout offers what I like in a bug tracker: almost zero eye-candy and a whole lot of functionality. Plus, it's easy for a newbie to navigate Mantis effectively. It even works well in Links--high praise from an old command-line codger like me. Overall, I rate it a provisional 9, subject to grabbing the tarball and testing their bug fixes. In short, Bugzilla had best watch out, because this little six-legger could be its replacement in short order.
Glenn Stone is a Red Hat Certified Engineer, sysadmin, technical writer, cover model and general Linux flunkie. He has been hand-building computers for fun and profit since 1999, and he is a happy denizen of the Pacific Northwest.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide