On 06/02/2018 11:54, Stefan Eissing wrote:
Am 06.02.2018 um 11:45 schrieb Helmut K. C. Tessarek <tessa...@evermeet.cx>:
On 2018-02-06 05:13, Yann Ylavic wrote:
Sorry for what is probably (my) bad english, "fixed" meant "the same
after restart (or stop/start)".
Right, but isn't the virtual host's server name/port config after the
restart the same as well? Why do you need a new separate unique identifier?
And should you ever change the port number and/or the virtual host's
server name, then this virtual host won't be the same after a restart
anyway.
Either I'm missing something here, but I still don't understand the
reason for a unique identifier, when you already have one.
You are missing that Yann exactly wants to do that.
Only as consideration for people who prefer otherwise, he considered to
introduce a ServerUID directive.
Now, he tried several times to get the discussion back to what a good
*automatic* id for the load balancer is,
Ah, for the fortunate that have so much traffic they need the 'lb'. And
I imagine, for that 'automatic' is fine. Never had to use one though -
so no idea how hard they are to configure/manage. However, I expect I
would rather "not care" how the internals work for giving me a vhost
ServerID. Why should I care - after a restart whether the value
generated is the same or not.
That said - what could I do with a ServerID (forget the unique for the
moment).
Again, my first thoughts are with regard to 'security' aka 'access
control'. Could I use (or is there already something I am unaware of) a
ServerID in <Directory> blocks, e.g., with <Require> - so that I can
specify access control in terms of the <vhost> rather than as attributes
of clients. Might all be nonsense - asin - this is just me brainstorming.
I guess my question is closer to: are there ways to manage 'access
control' based on the server configuration and the physical resources
(mainly thinking files). What is more manageable? What is easier to
report on/with (to a non-httpd specialist). What is easier to audit/log,
perhaps in separate logs?
but everyone keeps discussing
directives...
*Waves Jedi Hand*: "Forget the directive..."
(* Michael blinks - what were we talking about? *)
Or at least one that can be used from a combination of several fields in
the server struct.
What am I missing?
--
regards Helmut K. C. Tessarek KeyID 0x172380A011EF4944
Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944
/*
Thou shalt not follow the NULL pointer for chaos and madness
await thee at its end.
*/