From cb2fc365d1880f8083459f17932fdfb049fd3c5d Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Mon, 10 Jun 2013 23:01:10 +0000 Subject: Switch default configuration to use trust-anchor-directory. svn path=/trunk/; revision=5389 --- rcynic/Makefile.in | 9 +-------- rcynic/sample-rcynic.conf | 12 ++++++++++++ 2 files changed, 13 insertions(+), 8 deletions(-) (limited to 'rcynic') diff --git a/rcynic/Makefile.in b/rcynic/Makefile.in index 3c7753b7..2ba678d4 100644 --- a/rcynic/Makefile.in +++ b/rcynic/Makefile.in @@ -173,14 +173,7 @@ ${RCYNIC_CONF_FILE}: @echo >>$@.tmp 'jitter = 600' @echo >>$@.tmp 'use-syslog = true' @echo >>$@.tmp 'log-level = log_usage_err' - @cd sample-trust-anchors; \ - j=1; \ - for i in *.tal; \ - do \ - ${INSTALL} -p -m 444 "$$i" "${RCYNIC_TA_DIR}/$$i"; \ - echo >>$@.tmp "trust-anchor-locator.$$j = ${RCYNIC_CONF_TA_DIR}/$$i"; \ - j=$$((j+1)); \ - done + @echo >>$@.tmp 'trust-anchor-directory = ${RCYNIC_CONF_TA_DIR}' @chmod 444 $@.tmp @mv -f $@.tmp $@ diff --git a/rcynic/sample-rcynic.conf b/rcynic/sample-rcynic.conf index 23a39373..6fa49b9c 100644 --- a/rcynic/sample-rcynic.conf +++ b/rcynic/sample-rcynic.conf @@ -25,3 +25,15 @@ log-level = log_usage_err # The choice between these two formats depends largely on the policies # of the entity generating the corresponding trust anchor, ie, will # probably be made for you by the generating entity. + +# If you already keep all your TAs and TALs in a single directory +# anyway, you can also use the trust-anchor-directory directive to +# name that directory and let rcynic track whatever TAs and TALs you +# have there at the moment: + +#trust-anchor-directory = /etc/trust-anchors + +# Note that the order in which rcynic will read TAs and TALs from such +# a directory is undefined. In general this is not a problem, but if +# you really care about this for some reason, stick to the other +# directives. -- cgit v1.2.3