Public key infrastructure
Stephen John Smoogen
smooge at gmail.com
Fri Jul 21 23:19:58 UTC 2006
On 7/21/06, Joachim Selke <selke at thi.uni-hannover.de> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Tomas Mraz wrote:
> >> (3) Every application using digital certificates (and capable of
> >> checking certs against a list of trusted CA certs) creates the
> >> directories /etc/pki/$appname/private, /etc/pki/$appname/public and
> >> /etc/pki/$appname/cacerts for storing certs. The last one by default is
> >> a symlink pointing to /etc/pki/cacerts.
> >
> > AFAIK directory as symlink in a package creates problems on package
> > upgrades so it would be best to leave them simply as empty directories.
>
> What kind of problems do you mean? Looking e.g. in /etc I see many
> directory symlinks.
>
The problem is if you later want to make the sym-link into a
directory. That is the reason for the many directory symlinks...
someone forgets to make a directory and creates a symlink and poof you
can't later decide on having a directory.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
More information about the fedora-devel-list
mailing list