<html>
<body>
I'd like to have the AG system define the following configuration
directories. I realize this is being done now, but these go toward
documenting & codifying current practice (and providing standard
names).<br><br>
<b>Per-user configuration.</b> <br>
This will hold things like the user profile, defaults, and a user's
certificate repository.<br><br>
Defaults: <br>
Linux: $HOME/.AccessGrid<br>
Windows has the notion of an Application Data directory. This can be
retrieved programmatically thusly:<br><br>
from win32com.shell import shell, shellcon<br><br>
appData = shell.SHGetFolderPath(0, shellcon.CSIDL_APPDATA, 0,
0)<br><br>
which on my machine is C:\Documents and Settings\olson\Application Data.
I think the AG diretcotry should be called <appdata dir>\Access
Grid. A win of using this directory is that the default permissions
result in it being unreadable to other users, which makes it a good place
for private keys to be stored. It may also be a good place for proxy
certs to be stored, but if roaming profiles are in use it might be a
network drive, which isn't necessarily a good thing.<br><br>
<b>Per-systemconfiguration.<br>
</b>This would hold the shared trusted CA repository, and whatever other
per-machine state makes sense.<br><br>
Linux: somewhere under /usr/share maybe, wherever is standard.<br>
Windows: there is a similar key CSIDL_COMMON_APPDATA that on my machine
points to C:\Documents and Settings\All Users\Application Data.
<br><br>
<b>Per-service configuration</b>.<br>
This would hold the certificate repository for the service, and a trusted
CA dir if it is different than the per-machine one.<br><br>
I suspect this is likely located in the per-machine configuration space
somewhere.<br><br>
<b>Temporary storage<br><br>
</b>This is for things like proxy certs. It needs to be local to the
current machine. <br><br>
Linux: /tmp, if we get the naming unique (should be straithforward)<br>
Windows: %TEMP% or win32api.GetTempPath().<br><br>
We should also provide support for the creation of temporary filenames.
The Python library has the tempfile module; this may be sufficient; it
appears to use the %TEMP% setting on Linux. A Win32 APi mechanism for
doing the same thing is:<br>
<br>
win32api.GetTempFileName(win32api.GetTempPath(),
"AG")<br><br>
<b>API support<br><br>
</b>we should have API support for all of this. I propose:<br><br>
Platform.GetUserConfigurationDir() <br>
Platform.GetSystemConfigurationDir()<br>
Platform.GetServiceConfigurationDir(serviceName)<br>
Platform.GetTempDir()<br><br>
properly done, this will get rid of some of the problems we've run into
with missing assumed directory names, etc.<br><br>
--bob</body>
</html>