[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: shishi.skel somewhat large
From: |
Elrond |
Subject: |
Re: shishi.skel somewhat large |
Date: |
Wed, 31 May 2006 19:01:01 +0200 |
User-agent: |
Mutt/1.5.9i |
On Wed, May 31, 2006 at 04:06:13PM +0200, Simon Josefsson wrote:
> Elrond <address@hidden> writes:
>
> > Apropos Debian packaging (or at least, what ends up on my
> > box ;) ):
> >
> > Why is shishi.skel so big, when there is
> > /etc/shishi/shishi.conf with mostly the same contents?
>
> One is per-system and the other is per-user... I'd thought it would
> be good to document all options in both files, but I agree it is a bit
> redundant.
That's why I suggested the reference to the system config.
Something on the lines of:
For further information on these and other options, see
- /etc/shishi/shishi.conf
- shishi.conf(5)
> > My idea would be for a very small shishi.skel:
> > - Short header with reference to system shishi.conf with
> > path
> > - most useful/used options with only short explanation.
>
> This sounds better.
>
> How about removing read-krb5conf, default-realm, realm-kdc,
> server-realm, kdc-timeout, kdc-retries from shishi.skel?
Not only removing those, but stripping the description for
the remaining down to one or two lines.
[...]
> > - default-realm
> > - realm-kdc
> > - server-realm
>
> It seems these really should be in the system config, I see few uses
> for normal users to ever frob those values.
Right.
Maybe the default-realm?
(Is it used anywhere except for the default-principal?)
Like "I work on this remote realm all day".
> They would still be able
> to do so, but there would be no comments in the file to help them.
Right.
> Conversely, I do think these are useful to configure per-user:
>
> client-kdc-etypes
I don't have much contact to people using kerberos (and
knowing they do), so I can't tell, if joe average user
knows anything about etypes. I would doubt it.
So the compiled in (or system default) should be a
reasonable set, that works 99% of the time, IMHO.
> ticket-life
> renew-life
Those might make sense, right.
People might really know, that they only need reduced life
times (for security reasons).
> verbose*
[...]
Do they have any point except debugging?
Elrond