On Sun, Jul 01, 2012 at 12:36:41PM -0300, Henrique de Moraes Holschuh wrote: > On Sun, 01 Jul 2012, Marc Haber wrote: > > > Yes, but it's user configuration not system configuration. > > > > A system user's .ssh is user configuration? > > If it is intended to be manipulated by the local admin, yes, and it would > belong in /etc somewhere.
I would call that system configuration. > > > If you do want to have that as configuration in /etc, I'd > > > suggest symlinking it from /var/lib/foo to /etc/foo/authorized_keys > > > (or vice versa), like e.g. postgresql handles cluster configuration. > > > > Can you give a more visible example? Should /etc/foo/authorized_keys > > be a symlink to /var/lib/foo/home/.ssh/authorized_keys? I don't think > > that circumvents the FHS forbidding configuration in /var/lib just by > > making it accessible through /etc. > > No. The real file goes in /etc, the symlink goes in /var/lib. But you may > need very tight permissions in the directory that hosts these to have sshd > tolerate it, if it will work at all. Does sshd honor symlinks when looking for authorized_keys? I am really really astonished about with which ease we hurl RC bugs at packages without having thought-out alternatives. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
