>> So the .htaccess should be included in the rpm? In that case an upgrade
>> would introduce it again...
>>     
>
> No. I was thinking of generating it the same way you generate the
> members file.  I am assuming that what you put in that part of the
> script won't get regenerated on each upgrade...  Otherwise your user
> account info would be wiped out...
>   

Stuff tagged with %config(noreplace) in the %files section will not 
overwrite but be put in a .rpmnew or something next to an existing file. 
But if the file is non-existing it will be (re)introduced...

> Is there any reason why we couldn't have the instructions be
> duplicated in the following areas:
>
> package info
> RPM-Readme.txt
> (which of course is served out if the .htaccess file exists)
>   

Sure we can.

In that case: Instead of using .htaccess why not just use 
/etc/httpd/conf.d/ledger-smb-httpd.conf and let it contain
    # Point at documentation
    Alias /ledger-smb /usr/share/doc/ledger-smb-xxx/
    # To enable ledger-smb activate the line below instead of the one above
    # Alias /ledger-smb /usr/share/ledger-smb/

But my gut feels bad about all this. The master password should be _the_ 
single point of "obscurity" preventing abuse. I don't like leaving that 
hole wide open and trying to guard it with other fences...

Currently there is no security problem at all; there are other problems 
preventing any kind of use or abuse anyway. Let's get them fixed first! ;-)

/Mads
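
Added example, not part of the original message and not LedgerSMB project code: a small check an administrator could run after an upgrade to see whether the conf.d file proposed above still serves only the documentation or has been switched to the application. The function names are hypothetical and the sample file is constructed from the lines in the message.

```shell
#!/bin/sh
# Report what the /ledger-smb Alias in an httpd conf file currently serves.
# Function names are hypothetical; paths are the ones quoted in the message.

# Print the target of the first uncommented "Alias /ledger-smb ..." line
# (within one context Apache uses the first matching Alias).
active_alias() {
    awk '$1 == "Alias" && ($2 == "/ledger-smb" || $2 == "/ledger-smb/") {
             if (t == "") t = $3
         }
         END { if (t != "") print t }' "$1"
}

# Classify a conf file as: missing, no-alias, docs-only or app-enabled.
# "missing" matters because, as the message says, a %config(noreplace)
# file that does not exist is (re)introduced on upgrade.
alias_state() {
    conf=$1
    [ -f "$conf" ] || { echo missing; return; }
    target=$(active_alias "$conf")
    case $target in
        "")               echo no-alias ;;
        /usr/share/doc/*) echo docs-only ;;
        *)                echo app-enabled ;;
    esac
}

# Constructed sample: the conf file as proposed in the message.
tmp=$(mktemp -d)
cat > "$tmp/ledger-smb-httpd.conf" <<'EOF'
    # Point at documentation
    Alias /ledger-smb /usr/share/doc/ledger-smb-xxx/
    # To enable ledger-smb activate the line below instead of the one above
    # Alias /ledger-smb /usr/share/ledger-smb/
EOF
echo "packaged default: $(alias_state "$tmp/ledger-smb-httpd.conf")"
rm -rf "$tmp"
```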

_______________________________________________
Ledger-smb-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
