WS-Trust.xsd

Ferenc Wagner wferi at niif.hu
Tue Sep 16 10:20:03 UTC 2008


Russ Allbery <rra at debian.org> writes:

> Ferenc Wagner <wferi at niif.hu> writes:
>
>> As the catalog file is /usr/share/xml/shibboleth/catalog.xml, users
>> doing so are guarranteed to have their changes obliterated on package
>> upgrade.  The URL is in the catalog file, though.
>
> dpkg-divert --local --divert /usr/share/xml/shibboleth/catalog.xml.debian \
>     /usr/share/xml/shibboleth/catalog.xml
>
> and then copy catalog.xml.debian to catalog.xml and edit appropriately.
> If there are any changes to the listings during upgrades, those will have
> to be manually merged, so it's not ideal.  But it's possible.
>
> We could alternatively make it a configuration file, but I'm not sure if
> it's worth the effort.

An alternative is to document that one can copy the catalog file to
/etc/shibboleth/catalog.xml, uncomment and download the missing
schema, then edit /etc/default/shibd to contain

DAEMON_OPTS="-x /etc/shibboleth/catalog.xml:/usr/share/xml/opensaml/catalog.xml:/usr/share/xml/xmltooling/catalog.xml"

as Scott recommends.  I'm fine with both, what's your opinion?

On the other hand, Scott also mentioned that he would try to get
better licenses for the schema files, so that we have to jump through
less hoops.  Isn't there any news on this front?
-- 
Cheers,
Feri.



More information about the Pkg-shibboleth-devel mailing list