Hi (I sent this as a reply to Johanna – but thought it might get better feedback with an appropriate subject),
Can anyone give thoughts on this change I am making? I am altering the cosignd, monster and the cosign.cgi and logout programs to read the configuration file for things which are currently specified at compile time, like:
1. the cosigndb directory
2. the CA dir, cert and key files
3. friend host, user and password etc.
All of these things in my opinion should be defined at run-time, not at compile time. So what I am doing is having them read the configuration file to get these values etc. The configuration define (currently used for the location of the ACL file) will be this configuration file I am talking about. The configuration file will define the location of the ACL file.
This means the code need not be recompiled if anything like this changes.
The main reason I am doing this is I have created an RPM spec file (so I can build an RPM of the cosign server). This I will be using to migrate between our dev/test/prod cosign environments.
The only impact this will have on the way you do this currently is the configuration define at compile time no longer defines the ACL, but the ACL file location will be in the config file. I have attached an example configuration file... which is essentially the defaults from the configure.ac.
Any thoughts?
Brett