[Debian-med-packaging] Bug#833885: gbrowse: ships a deterministic/predictable OpenID constumer secret
olivier sallou
olivier.sallou at gmail.com
Wed Dec 14 10:11:10 UTC 2016
Le mer. 14 déc. 2016 à 10:41, olivier sallou <olivier.sallou at gmail.com> a
écrit :
> Le mer. 14 déc. 2016 à 10:19, Andreas Tille <tille at debian.org> a écrit :
>
> Hi,
>
> as far as I can see the solution for this issue would be to use a
> symlink for /usr/share/perl5/GBrowse/ConfigData.pm pointing to something
> like /etc/gbrowse/ConfigData.pm while the file
> /etc/gbrowse/ConfigData.pm will be created in postinst. Is this correct
> and will somebody of the other Uploaders (in CC) be able to care for
> this since I personally do not have any clue how to test gbrowse to
> verify the correct functionality?
>
>
> I think openid is not configured for GBrowse in Debian , so it should not
> be an issue
> It is true that consumersecret is generated at build time. It should not.
> Linking ConfigData.pm to etc file is the correct behavior, but putting a
> post install step may not be necessary. It is a config parameter and user
> should update it if he wish to use openid as a configuration parameter.
> It is up to the user to update this value like he wuold in other packages
> for password/secret related stuff.
>
Bu the way, openid is more and more deprecated and supported by less and
less providers..... so it may not worth the effort. Simply linking to etc
for user config ,if he wants to, should be necessary.
We won't be able anyway to test openid easily as it needs to get a server
and to declare the app in openid provider.... :-(
Olivier
>
> Olivier
>
>
> Kind regards
>
> Andreas.
>
> --
> http://fam-tille.de
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/debian-med-packaging/attachments/20161214/83b7f8a6/attachment.html>
More information about the Debian-med-packaging
mailing list