On Mon, Dec 22, 2008 at 12:44:28PM -0800, Dave Parker wrote:
>
> 4) adds to spacewalk-setup the ability to backup and generate a new
> /etc/httpd/conf.d/ssl.conf. This was necessary as the default ssl.conf
> provided
> by the mod_ssl package defines the _default_:443 ssl server, and does so in a
> way that's incompatible with spacewalk for lack of three directives. As it's
> improper for a second rpm to alter %config files from a first, it's
> implemented
> instead as a question in spacewalk-setup.
I don't like the fact that the ssl.conf is created from scratch here.
The spacewalk-setup should really just take whatever the existing
ssl.conf is there and add those three directives to _default_:443,
provided they are not there already (some marker could be used, or
just look for those directives being present).
That way if the user has something else configured in their ssl.conf,
it would be preserved and Spacewalk would be a good citizen.
Alternatively we could come up and drive to Fedora / RHEL a better SSL
configuration for Apache, to maybe have something like
/etc/httpd/conf.d/ssl.conf
do something like
<VirtualHost _default_:443>
Include conf.d/ssl.d/default/*.conf
</VirtualHost>
Include conf.d/ssl.d/*.conf
so that there is an easy way to add things to the default virtual
host, and also an easy way to add additional virtual hosts.
--
Jan Pazdziora
Satellite Engineering, Red Hat
_______________________________________________
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel
