So the .htaccess should be included in the rpm? In that case an upgrade would introduce it again...No. I was thinking of generating it the same way you generate the members file. I am assuming that what you put in that part of the script won't get regenerated on each upgrade... Otherwise your user account info would be wiped out...
Stuff tagged with %config(noreplace) in the %files section will not overwrite but be put in a .rpmnew or something next to an existing file. But if the is non-existing it will be (re)introduced...
Is there any reason why we couldn't have the instructions be duplicated in the following areas: package info RPM-Readme.txt (which of course is served out if the .htaccess file exists)
Sure we can.In that case: Instead of using .htaccess why not just use /etc/httpd/conf.d/ledger-smb-httpd.conf and let it contain
# Point at documentation Alias /ledger-smb /usr/share/doc/ledger-smb-xxx/ # To enable ledger-smb active the line below instead of the one above # Alias /ledger-smb /usr/share/ledger-smb/But my gut feels bad about all this. The master password should be _the_ single point of "obscurity" preventing abuse. I don't like leaving that hole wide open and trying to guard it with other fences...
Currently there is no security problem at all; there are other problems preventing any kind of use or abuse anyway. Lets get them fixed first! ;-)
/Mads