Hi Alexei,
Alexei Chetroi wrote:
Actually not. Current Debian packaging runs openca server with the
same uid as web server, and I didn't like idea that web-server can
access openca's data. Running them at different uids seems more
appropiate to me.
It looks like the configuration parameters does not make the way to the daemon concept. Today it is not necessary to give the apache any rights except from read on openca's files and directories. I think it is not required to have any files with the httpd user and group.
Perhaps we should rename the httpd parameters to --with-daemon-user and group. This is perhaps the more correct way. We cannot change the names for 0.9.2 - only the semantic. We can change the names only on CVS HEAD.
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
