[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev FORCE_SSL_PROMPT:NO
From: |
Henry Nelson |
Subject: |
Re: lynx-dev FORCE_SSL_PROMPT:NO |
Date: |
Sat, 26 Jul 2003 10:20:53 +0900 (JST) |
> > Added procedure to determine default ssl cert location
> > (thanks to DK a^Hn^Hd^H ^HH^HN^H)
Scratch my name off!
> > strings `find / -name libcrypto.a 2>/dev/null` | grep -in cert | less
>
> Doing a find from root may take up excessive resources on some systems.
> I would think that we should recommend that only if libcrypto is not
> found in the usual library locations.
Good point. Maybe make a list of 3 or 4 common possibilities different
from the openssl default.
> I don't think that we should necessarily advise running as root. This
> README might be used by a user on a shared system setting up lynx in his
> own directory. That is, after all, the main reason for the environment
> variables. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^
This is an important idea that might be worth pointing out in the README.
I know a lot of times I forget that I'm using Lynx in my own directory.
> > If lynx is still not recognizing certs, environment variables may need
> > to be set; if so, they must be exported!
>
> You might want to say instead "if on a sh type shell, the variables also
> need to be exported".
Not sure how far a _Lynx_ README file has to go. This almost seems too
much detail. Some packages I know just give the actual commands for both
shell types, as in the examples by Doug quoted below. I find that useful
if I'm in a situation that's new to me. Then the actual statement that
you "have to export" is redundant. Given as a command that you cut-n-paste
it is clear what is meant, but sometimes it's hard to actually know _what_
to do if described in a full sentence. (Really. The first time I heard
"export", words like "Bill of Lading" and "Letter of Credit" came to mind!)
[Assuming sh type shells]
> SSL_CERT_DIR="/usr/local/ssl/certs"
> SSL_CERT_FILE="/usr/local/ssl/cert.pem"
> export SSL_CERT_DIR SSL_CERT_FILE
>
> On csh type shells, you can use:
> setenv SSL_CERT_DIR "/usr/local/ssl/certs"
> setenv SSL_CERT_FILE "/usr/local/ssl/cert.pem"
Right now I'm working on DNS. This "Howto" has been great:
http://www.boran.com/security/sp/bind9_20010430.html
#BM2__Setup_chroot_and_install_BIND
because it is so unambiguous and easy to follow. Here's how he handles the
shell issue: "The following steps assume use of the C-Shell. We start by
setting a variable." And later: "These commands are designed to be copied
and pasted."
Anyway, don't thank us. We want to thank you for coming through so nicely.
As is, your README is *infinitely* better than what was there before (nothing).
__Henry
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden
- Re: lynx-dev FORCE_SSL_PROMPT:NO, (continued)
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Stef Caunter, 2003/07/24
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Stef Caunter, 2003/07/25
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Doug Kaufman, 2003/07/25
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Stef Caunter, 2003/07/25
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Doug Kaufman, 2003/07/25
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Doug Kaufman, 2003/07/25
- Re: lynx-dev FORCE_SSL_PROMPT:NO, David Woolley, 2003/07/26
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Doug Kaufman, 2003/07/26
- Re: lynx-dev FORCE_SSL_PROMPT:NO, Stef Caunter, 2003/07/27
- Re: lynx-dev FORCE_SSL_PROMPT:NO, David Woolley, 2003/07/27
Re: lynx-dev FORCE_SSL_PROMPT:NO,
Henry Nelson <=