[Opendnssec-develop] packaging questions about softhsm
Paul Wouters
paul at xelerance.com
Fri Mar 4 16:48:56 UTC 2011
On Fri, 4 Mar 2011, Rickard Bellgrim wrote:
>> I'm packaging opendnssec for Fedora/RHEL/Centos and have a few questions.
>
> Rachid Zarouali, Ville Mattila, and Tim Verhoeven, on the user's list, were working on packaging opendnssec 6 months ago. Do not know the current status of that.
I did not know about that effort. I did not see anything in the RH bugzilla, so nothing has been
submitted yet.
>> - The libsofthsm.so is not versioned. This creates an error for packaging. Is
>> there is reason behind this? Can numbered sonames be used?
>
> The version number in the library file name was dropped because SoftHSM was change from a shared library to a loadable module.
If it is a module and not a shared library, then it should not be installed in /usr/lib* ?
Perhaps a better place would be /usr/lib/softhsm/ ?
Is this module only loadable by opendnssec? If so, then it should probably be a sub package,
like opendnssec-softhsm.
>> - If a thirdparty would want to use libsofthsm, would they not need some
>> include files? Currently none are installed. I assume they would need
>> src/lib/Soft*.h ? I would like to install these in /usr/include/softhsm/
>
> That is the pkcs11.h from RSA Labs (or the Scute project). What do we think, should we install it?
That could cause issues with other packages, like cryptoki or bind-pkcs11.
I'll try to get some more enduser experience with the software so I understand the components
better, and then adjust the packaging.
Paul
More information about the Opendnssec-develop
mailing list