Re: Debconf web frontend
Mourad De Clerck wrote:
> Now, as far as i can tell the current "web" frontend has a couple of
> limitations.
The biggest limitation is that it is completly insecure. There is no
authentication. Everything is cleartext.
The second biggest limitation is that it is well, the world's crummiest
256 line web server. In particular, it can serve one request at a time,
and if you so much as reload the page, you will mess up its internal
flow.
It's a proof of concept hack -- "hey look, debconf can be shoehorned
into the web" -- not production code. To make it really usable as a
production server, it should probably be changed to use a real web
server, or at least a dedicated process, to serve web requests, with
some kind of communication between there and debconf. It should also be
changed to use SSL and some form of real authentication.
> Another unrelated question: we also need to be able to backup the
> configuration files easily (just backup etc, basically). Now I thought I
> didn't have to backup the debconf db in /var, is this still true?
Depends on if you're using debconf 0.9 -- if so, the db is in
/var/cache, and a number of interesting refinements ar epossible..
--
see shy jo
Reply to: