
Re: A couple of questions



Florent Rougon wrote:

In case Justin's mail didn't answer all your questions...

It did.

Shachar Shemesh <debian@shemesh.biz> wrote:
Well, you would need a helper program to actually change it, as the
password is encrypted. Otherwise, yes it's a configuration file.

Well, the line is a bit blurry here, I admit. Note that passwords in
/etc/shadow are encrypted, but the admin can still modify the
(encrypted) passwords by hand in that file. This is not an argument
against placing the file under /etc.

IMHO, whether /etc or /var is more appropriate depends on whether you
consider the file as configuration data for the program, or not.
Specifically, do you expect an admin to simply copy that file to another
system if he wants the same passwords in the other system? If yes---and,
I am tempted to say, if the file is in text format, because seeing
binary stuff under /etc kinda hurts my eyes---, then I'd choose /etc. If
not (i.e., if you consider the file as simply storing a "state" for your
program), /var sounds more appropriate.

I think it's fairly clear, then, that /etc it is. The file is text (crypt, mostly because I didn't find any immediate way of using more sophisticated hashes from perl, and the information it protects is available to you if you can read it anyways). It is maintained by the package, but can be copied over to another machine if the same password is required there.

The package is a wrapper around rsyncrypto that provides a web interface for controlling a remote backup that my company is supplying (see my sig for details). I have placed the files as follows:

- Config files, including password and the ssh "known_hosts" for the backup machine in /etc (the latter is a conffile).
- The rsyncrypto symmetric keys for the backed up files in /var/lib. They are needed in order to perform hot restore and incremental backup.
- The actual encrypted files in /var/spool.
- The HTML files, and the suid script that allows the unprivileged web server to perform cron and other tasks go in /usr/share/package with a link from /var/www (same as bugzilla).

After your explanation, the only thing I still have doubts over is whether the files should not go into /var/cache instead.

It does. Just don't ship it in the .deb, but as Justin said, have it
created by postinst, or by one of the programs shipped in the package,
for instance.

That's not a problem. The initial password is an empty file. Since it has a different owner and non-standard permissions it's a bit of a headache to create and remove properly in post{inst,rm}, but no big deal.

Thanks for your help,

         Shachar

--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
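
The postinst/postrm handling discussed in this message could look like the following sketch. It is an added example, not code from the thread or from the package; the path, owner, group and mode are hypothetical placeholders, since the thread names none.

```shell
#!/bin/sh
# Added example. Path, owner, group and mode are hypothetical placeholders.

# postinst side: create the empty password file only on "configure", and only
# if it is absent, so upgrades keep a password that is already set.
pwfile_postinst() {
    action=$1 file=$2 owner=$3 group=$4 mode=$5
    [ "$action" = configure ] || return 0
    if [ -e "$file" ]; then
        return 0
    fi
    # Create under umask 077 so the file is never readable by others, even
    # briefly, then apply the final ownership and mode.
    ( umask 077 && : > "$file" ) || return 1
    chown "$owner:$group" "$file" || return 1
    chmod "$mode" "$file"
}

# postrm side: the file is configuration, so keep it on "remove" and delete
# it only on "purge".
pwfile_postrm() {
    action=$1 file=$2
    [ "$action" = purge ] || return 0
    rm -f -- "$file"
}

# In a real maintainer script (values below are constructed):
#   pwfile_postinst "$1" /etc/examplepkg/passwd www-data www-data 0640
#   pwfile_postrm   "$1" /etc/examplepkg/passwd
```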


