I'm working on advice on automated X.509 certificate generation during
package installation.
One aspect is that these files obviously have to be generated on the
system during installation (or first service start) and cannot be
shipped in the package. Some existing RPMs just drop files into
/etc/pki/certs and /etc/pki/tls/private, without marking them as ghost
files or configuration files. (I'm not even sure if you can mark
something for which no content is provided in the RPM as a configuration
file.)
I wonder what an ideal RPM package would do in this case?
--
Florian Weimer / Red Hat Product Security Team
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
