Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread James Cloos 
> "HV" == Hendrik Visage  writes:

HV> I’ve already set base_dir: /sks2/sks/db, but then I still get this:
HV> Fatal error: exception Sys_error("/sks2/sks/db//var/log/sks/db.log: No such 
file or directory”)

Wouldn't it be easier to just mount your extra disk at /var/lib/sks?

/etc/sks is tiny and /var/log/sks is also reasonably small.

Only /var/lib/sks is large and under heavy load.

You could use a symlink from /var/log/sks to /var/lib/sks/log to get the
logs also onto your extra disk, but I wouldn't bother.

-JimC
-- 
James Cloos  OpenPGP: 0x997A9F17ED7DAEA6



___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread dirk astrath 

Hello,

To run a sks-server accessible via TOR and normal usage don't require to 
run different instances.


A usage, which comes to my mind is to run keyservers for different purposes:

#1 as a normal keyserver for the keyservers pool.
#2 as a special keyserver for a keysigning-party/...

(of course: in this case you need different IP-adresses for both servers 
;-) )


Kind regards,

dirk


On 23.01.2018 18:11, Alain Wolf wrote:

On 23.01.2018 17:18, Daniel Kahn Gillmor wrote:

On Tue 2018-01-23 10:51:54 +0100, Alain Wolf wrote:

I would try to change desired filepaths in
debian/patches/0001-use-debian-fhs.patch


Hi there--

I'm one of the current maintainers of the debian package.

this patch is intended to put sks in compliance with the filesystem
hierarchy.

however, i'm not convinced that the patches in the debian package are
the right thing for debian today, since they basically hardcode a single
path (and make it difficult to run two instances of sks on the same
machine, for example).  I'd welcome any proposals people have that:



The only proposal that comes to my mind is to 'fix' this within SKS
itself by adding command-line options and or config-file options.
Apparently there is already ticket:

https://bitbucket.org/skskeyserver/sks-keyserver/issues/6/make-directories-better-configurable

Multiple instances could then be setup like .i.e. Tor with
tor-instance-create(8).

But sorry, I am again in no position to help there.



___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel




___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread Alain Wolf 
On 23.01.2018 17:18, Daniel Kahn Gillmor wrote:
> On Tue 2018-01-23 10:51:54 +0100, Alain Wolf wrote:
>> I would try to change desired filepaths in
>> debian/patches/0001-use-debian-fhs.patch
> 
> Hi there--
> 
> I'm one of the current maintainers of the debian package.
> 
> this patch is intended to put sks in compliance with the filesystem
> hierarchy.
> 
> however, i'm not convinced that the patches in the debian package are
> the right thing for debian today, since they basically hardcode a single
> path (and make it difficult to run two instances of sks on the same
> machine, for example).  I'd welcome any proposals people have that:
> 

The only proposal that comes to my mind is to 'fix' this within SKS
itself by adding command-line options and or config-file options.
Apparently there is already ticket:

https://bitbucket.org/skskeyserver/sks-keyserver/issues/6/make-directories-better-configurable

Multiple instances could then be setup like .i.e. Tor with
tor-instance-create(8).

But sorry, I am again in no position to help there.

-- 
pgpkeys.urown.net 11370 #  0x27A69FC9A1744242



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread Martin Dobrev 
Hi,

my 2 dimes in-line too


On 23/01/18 16:55, Hendrik Visage wrote:
> Thanks for the explanation Daniel
>
>> On 23 Jan. 2018, at 18:18 , Daniel Kahn Gillmor  
>> wrote:
>>
>> On Tue 2018-01-23 10:51:54 +0100, Alain Wolf wrote:
>>> I would try to change desired filepaths in
>>> debian/patches/0001-use-debian-fhs.patch
>> Hi there--
>>
>> I'm one of the current maintainers of the debian package.
>>
>> this patch is intended to put sks in compliance with the filesystem
>> hierarchy.
>>
>> however, i'm not convinced that the patches in the debian package are
>> the right thing for debian today, since they basically hardcode a single
>> path (and make it difficult to run two instances of sks on the same
>> machine, for example).  I'd welcome any proposals people have that:
>>
>> a) retain the default filesystem placement to stay in line with the
>>filesystem hierarchy standard (FHS)
> Well… FHS makes sense…. up to the point that I’m deploying each service in
> it’s own set of mountpoints (ala old-style unix when disks was small, like in 
> VMs
> today with OS disk separate from the data disks)
>
>> b) enables running multiple keyservers on a given host
> That is what base_dir: is suppose to achieve, isn’t it?
The only bit that's required is a configuration switch passed to the
daemon with the location of the configuration file. The rest (things
like base_dir etc.) is already covered inside it. I'd guess a default
value of /etc/sks/sksconf or similar will do the trick if the parameter
is omitted yet allows multiple instances on the same box (although I
don't see a point in doing so because if the server dies all instances
will be lost)
>
>> c) people can upgrade their existing installations without too much
>>pain
> Yes, that’s the part that always becomes a problem  in special setups...
>
>> d) (optional) can be merged upstream so that we don't carry patches :)
>>
>> If i had more time, i'd experiment with dropping the patch completely,
>> and setting up a symlink approach in /etc/sks/ but i'm not sure whether
>> that would work; or if it works, if it would horrify anyone.
> I’d personally rather prefer a configuration file/settings I could 
> modify/tweak
> w.r.t. those files/etc., then it’ll be much easier to have multiple SKS 
> services on the
> same server/VM.
>
>> Anyway, i'm just saying that just because it's this way today, it
>> doesn't have to be this way forever.  feedback welcome :)
> As it’ll be a recompile/repackage to achieve my goals (other than symlinks 
> all over the show)
> I’ll have a look as see what I can contribute back.
>
>
> ___
> Sks-devel mailing list
> Sks-devel@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/sks-devel



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread Hendrik Visage 
Thanks for the explanation Daniel

> On 23 Jan. 2018, at 18:18 , Daniel Kahn Gillmor  
> wrote:
> 
> On Tue 2018-01-23 10:51:54 +0100, Alain Wolf wrote:
>> I would try to change desired filepaths in
>> debian/patches/0001-use-debian-fhs.patch
> 
> Hi there--
> 
> I'm one of the current maintainers of the debian package.
> 
> this patch is intended to put sks in compliance with the filesystem
> hierarchy.
> 
> however, i'm not convinced that the patches in the debian package are
> the right thing for debian today, since they basically hardcode a single
> path (and make it difficult to run two instances of sks on the same
> machine, for example).  I'd welcome any proposals people have that:
> 
> a) retain the default filesystem placement to stay in line with the
>filesystem hierarchy standard (FHS)

Well… FHS makes sense…. up to the point that I’m deploying each service in
it’s own set of mountpoints (ala old-style unix when disks was small, like in 
VMs
today with OS disk separate from the data disks)

> b) enables running multiple keyservers on a given host

That is what base_dir: is suppose to achieve, isn’t it?

> c) people can upgrade their existing installations without too much
>pain

Yes, that’s the part that always becomes a problem  in special setups...

> d) (optional) can be merged upstream so that we don't carry patches :)
> 
> If i had more time, i'd experiment with dropping the patch completely,
> and setting up a symlink approach in /etc/sks/ but i'm not sure whether
> that would work; or if it works, if it would horrify anyone.

I’d personally rather prefer a configuration file/settings I could modify/tweak
w.r.t. those files/etc., then it’ll be much easier to have multiple SKS 
services on the
same server/VM.

> Anyway, i'm just saying that just because it's this way today, it
> doesn't have to be this way forever.  feedback welcome :)

As it’ll be a recompile/repackage to achieve my goals (other than symlinks all 
over the show)
I’ll have a look as see what I can contribute back.


signature.asc
Description: Message signed with OpenPGP
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread Daniel Kahn Gillmor 
On Tue 2018-01-23 10:51:54 +0100, Alain Wolf wrote:
> I would try to change desired filepaths in
> debian/patches/0001-use-debian-fhs.patch

Hi there--

I'm one of the current maintainers of the debian package.

this patch is intended to put sks in compliance with the filesystem
hierarchy.

however, i'm not convinced that the patches in the debian package are
the right thing for debian today, since they basically hardcode a single
path (and make it difficult to run two instances of sks on the same
machine, for example).  I'd welcome any proposals people have that:

 a) retain the default filesystem placement to stay in line with the
filesystem hierarchy standard (FHS)

 b) enables running multiple keyservers on a given host

 c) people can upgrade their existing installations without too much
pain

 d) (optional) can be merged upstream so that we don't carry patches :)

If i had more time, i'd experiment with dropping the patch completely,
and setting up a symlink approach in /etc/sks/ but i'm not sure whether
that would work; or if it works, if it would horrify anyone.

Anyway, i'm just saying that just because it's this way today, it
doesn't have to be this way forever.  feedback welcome :)

--dkg


signature.asc
Description: PGP signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread Hendrik Visage 

> On 23 Jan. 2018, at 11:51 , Alain Wolf  wrote:
>> 
>> strings does show that /var/log/sks/db.log is in the Debian packaged
>> /usr/sbin/sks file.
>> 
> 
> I would try to change desired filepaths in
> debian/patches/0001-use-debian-fhs.patch


Okay, that implies recompiling/packaging ;)

Thanks!



signature.asc
Description: Message signed with OpenPGP
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel

Re: [Sks-devel] Debian asks package and default paths

2018-01-23 Thread Alain Wolf 
Hey

On 23.01.2018 08:06, Hendrik Visage wrote:
> Good day,
> 
>  Busy setting up a SKS keyserver, and wants to have a separate /sks
> filesystem, and before I start to add symlinks
> all over the place, or re-compile SKS, I was wondering how/where to
> override the defaults in the configuration files.
> 
> I’ve already set base_dir: /sks2/sks/db, but then I still get this:
> Fatal error: exception Sys_error("/sks2/sks/db//var/log/sks/db.log: No
> such file or directory”)
> 
> strings does show that /var/log/sks/db.log is in the Debian packaged
> /usr/sbin/sks file.
> 

I would try to change desired filepaths in
debian/patches/0001-use-debian-fhs.patch

-- 
pgpkeys.urown.net 11370 #  0x27A69FC9A1744242



signature.asc
Description: OpenPGP digital signature
___
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel