Am Dienstag 16 März 2010 18:04:50 schrieb Martin Paljak: > > Maybe we should have a uniform handling for all tools? > > It is strange if one tool does this, and the others don't. > > The problem with stderr and stdout is that tools also write independently > to those files. What makes it hard to pipe either the output or stderr, if > meaningful information from a tool is printed on stderr or the tool should > be usable piping stdout "pkcs15-tool -r 1 > cert.pem".
ok. lets say it this way: I think stderr is a better default than stdout, so all tools could default to stderr, if nothing else is set, like pkcs15-init already does. we could add a command line option to all tools, to set the debug_file (either some fd or a file name). > One solution: if debugging is enabled, use stderr for debugging and make > the commands print to stdout instead. not a good idea IMO. stdout is often redirected (e.g. if you read a certificate or key from a card). stderr is the proper channel, if you get an error. and it wouldn't be mixed with most debug info I guess, as it is most likely the last line printed (programs exit after most big errors, right?). > This assumes that debugging mode is not used in scripts. command line option would help here. > Another solution: for commands (tools), write the > debug output to ./opensc-debug.log by default. I don't like that, it could lead to some kind of attacks (e.g. symlinks in /tmp/ to overwrite some file etc.). better not go down that road if we have an alternative - I would prefer --debug-out filename > > Also: shall we override the setting from opensc.conf? > > You can set debug level and debug_file there too. > > I have two requirements: > - it must be possible to set debugging in a configuration file that is used > by default (but can be overridden by tools or environment variables) so with debug=6 in opensc.conf and "-v -v -v -v -v" we would overwrite ctx->debug from 6 to 5? only checking, fine with me. > - the user (or some software) must be able to easily locate the debug file > set in the configuration file, no matter what is the working directory of > the running application that uses PKCS#11 or CDSA. in opensc.conf you can specify the full filename, and a --debug-out option (or whatever name is appropriate) could do so to. if users specify a filename without leading path, its their decission and problem, a full pathname would be ok. Regards, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
