You're right :) We should probably consider using --with-openca-user/group,Actually not. Current Debian packaging runs openca server with the same uid as web server, and I didn't like idea that web-server can access openca's data. Running them at different uids seems more appropiate to me.
along with creating dedicated users, and their homes in /var/[somedir]. Things are getting complicated :)
P.
=== lena:~/OCA/openca-0.9.2.1# ./configure --help|egrep -i user\|group --bindir=DIR user executables [EPREFIX/bin] --with-openca-user=ARG sets the OpenCA's user id (default is root) --with-openca-group=ARG sets the OpenCA's group id (default is root) --with-httpd-user=ARG sets the httpd's user id (default is nobody) --with-httpd-group=ARG sets the httpd's group id (default is nogroup)
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ OpenCA-Devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-devel
