Midgard configuration changes

1. Piotr Pokora

   Midgard configuration changes

   Wed April 15 2009 18:50:07 UTC
   Hi!
   
   There are at least two issues, we need to resolve, and both require some
   changes to be made to unified configuration file. First one is PAM
   authentication type and second is fact that core defines directories (
   like blobdir ) while it must use user defined in some cases.
   
   I. PAM authentication type
   
   Please, take a look at this ticket first:
   http://trac.midgard-project.org/ticket/1036
   
   Unfortunately, GKeyFile doesn't support something like multidimensional
   array.
   To configure it in configuration we could use such solutions:
   
   1. PAM authentication tokens are defined in separate file:
   
   AuthType=PAM
   PamTokens=/full/path/to/tokens/file.cfg
   
   Tokens file could define tokens as groups with explicit 'allow' and
   'disallow' keys per group:
   
   [ABC123]
   allow=john,marry
   disallow=admin
   
   [123ZXC]
   allow=all
   disallow=admin,root,midgard
   
   Default values and keys order should be discussed.
   
   2. PAM authentication tokens are defined in the same file.
   
   [TrustedAuthToken_ABC]
   admin,false,john,true
   
   [TrustedAuthToken_XZC]
   admin,false,all,true
   
   Ugly...
   
   Of course, whatever is implemented it should be supported by core's
   tokens class.
   Point is to configure it via config file or via token class instance.
   
   II. Midgard directories
   
   Currently, we can configure only blobdir and schemas' dir, but core
   itself provides more data which must be read during runtime. What about
   if we provide new 'MidgardDir' group? This way we could be much closer
   to FSH and really tune Midgard setups.
   
   We need to define:
   
   * blobdir
   * user (local) schemas' dir
   * common MgdObjects.xml file
   * xml file(s) which defines initial database
   * cache directory?
   
   And we could use three keys for these:
   
   # Keys in directory group
   [MidgardDir]
   
   Shared=/usr/local/share/midgard
   Blobs=/var/local/midgard/blobs
   Cache=/var/local/cache/midgard
   
   'Shared' - directory for static, architecture independent files.
   At least, such files are (should be) read from this directory:
   
   SHARED/MgdObjects.xml
   SHARED/schema/*.xml
   SHARED/midgard_initial_database.xml
   
   By default $prefix/share/midgard is declared and user is responsible to
   create specific subdirectories.
   (e.g. 'schema' subdirectory, which holds all local schemas).
   
   'Blobs' - directory to store blobs and binary data. Core will create
   blobdir subdirectories (if needed) so user must ensure declared
   directory is read and writable by application owner.
   Default: /var(/local)/midgard/blobs/DBNAME
   
   'Cache' - directory to store cached files.
   Default: /var(/local)/cache/midgard
   
   We should think about some convention for cache subdirectories, and
   their permissions.
   
   Piotras
   _______________________________________________
   dev mailing list
   dev@lists.midgard-project.org
   http://lists.midgard-project.org/mailman/listinfo/dev
   •  Reply