Hide Forgot
RHEL 6.1 brought luci 0.23 (originally luci-0.23.0-13.el6), which initially provides a mean of user configuration via /etc/sysconfig/luci. This is quite a notable feature, new in this RHEL release. It originated in upstream change related to RFE/bug #661386. There were plentiful internal changes around that time with this one, exceptionally having external impact, being amongst them. That's why these changes got into RHEL 6.1 luci release in a batch and because I originally (by mistake and maybe partly by circumstances) hadn't qualified this change as worth documenting, it went in silently. So I am rectifying this now, ex-post but still... As I am responsible for respective code change, I am stating notable details below and feel free to ask additional questions. Details ======= (insert the very first sentence from above here) This file can be used to configure some aspects of luci behavior. Specifically, those are initscript/auxiliary configuration, server configuration and an application one as also reflected by file structure [1]. In addition, configuration file is very verbose about particular items, so there is no need to document them item-by-item. Perhaps most notable one, which would deserve documenting, is the ability to change a port luci being served at by uncommenting: --- #port = 4443 --- and inserting a desired port number (higher then or equal to 1024, i.e. not a privileged port), e.g.: --- port = 7084 --- Non-configuration lines should not be changed to protect the intended format. Also one should pay attention to the syntax required (initscript section is more strict: no spaces around equal sign and quoting strings with white spaces; this may be applied with other sections too but more relaxed syntax is also fine there). It should probably also be noted that "who.auth_tkt_timeout" configuration item is not effective on RHEL 6.1 since there is not enough up-to-date python-repoze-who package ("requires repoze.who >= 1.0.14" note applies). This may change in subsequent RHEL releases. Another thing good to mention is note that with changing some configuration item here (i.e. redefining a default value), one has to be careful and adjust documentation instructions accordingly (e.g. port enabled on firewall, URL where to access luci instance etc.). Sidenotes ========= 1. There is possibility for users to configure a subset of configuration items (port amongst them) with older luci v0.22 on RHEL 6.0 too (via /var/lib/luci/etc/luci.ini), but this is discouraged/not guaranteed and (luckily) not documented [2]. 2. First-gen luci on RHEL 5 (and maybe 4; luci < 0.20 which was maybe only a part of conga package, not a standalone package that came later on) did also allow to be configured by /etc/sysconfig/luci [3], but there is no connection, although items may be similar. 3. The support of /etc/sysconfig/luci will continue through RHEL 6.2 further and nothing should change dramatically in this regard. [1] http://git.fedorahosted.org/git/?p=luci.git;a=blob_plain;f=input_files/sysconfig/sysconfig.in [2] http://www.redhat.com/search?q=%2Fvar%2Flib%2Fluci%2Fetc%2Fluci.ini&site=redhat_docs [3] http://www.redhat.com/search?q=%2Fetc%2Fsysconfig%2Fluci&site=redhat_docs
(In reply to comment 0) > It should probably also be noted that "who.auth_tkt_timeout" configuration > item is not effective on RHEL 6.1 since there is not enough up-to-date > python-repoze-who package ("requires repoze.who >= 1.0.14" note applies). > This may change in subsequent RHEL releases. The referred change might (hopefully) come with RHEL 6.3, please see bug 733753 (I set it being dependent on this one + added Documentation keyword).
Jan: --------- It should probably also be noted that "who.auth_tkt_timeout" configuration item is not effective on RHEL 6.1 since there is not enough up-to-date python-repoze-who package ("requires repoze.who >= 1.0.14" note applies). This may change in subsequent RHEL releases. -------- I will add a small section on this file to the Conga chapter of the Cluster Administration Guide for RHEL 6.2, summarizing the information contained in this BZ. But as to this feature: The general documentation is not the place to note what does not work -- that is, in a 6.2 document I can't really point to a feature and say "this does not work in 6.2". But I looked at the /etc/sysconfig/luci file and, as you note, the repoze.who note applies so that should probably be enough I think. When I write up the new section (in a matter of days -- it's the very end of rhel6.2 doc time) I will send it to you for review. Thanks. -Steven
I submitted Comment 3 before I saw Comment 2. But for now I'm still not really sure that I can point to this in the rhel 6.2 documentation -- it seems more something for the release notes.
TBH, I just wanted this piece of work to reach its "happy end" because it got stuck in the middle (my bad, at least partly). I completety agree it does not contribute to a good image stating what does not currently work, yet exposed. Release notes are okay, too; in fact I do not care much about the form, I do care about general awareness of /etc/sysconfig/luci feature by the target audience.
Jan: I'll try to write something up today (Monday August 29) and get it to you for review -- it should be straightforward (I hope). Documenting the existence of /etc/sysconfig/luci easily belongs with the general luci/Conga documentation. The issue for the NEEDINFO is where (or even whether) lack of current support for who.auth_tkt_timeout in RHEL 6.2 should be mentioned. 0Steven
I've made the indicated updates to my working draft.
I've made the changes from Jan's review (in comments 10, 11, and 15) and checked them in, but this BZ is still in NEEDINFO since Jan set it for Lon to ask his opinion on whether we need to call out lack of current support for who.auth_tkt_timeout in RHEL 6.2 should be mentioned, as noted in Comment 7. IMO, that's not really something that should go in the document but, rather, should go in the Release Notes -- it's a mention of lack of support. So as a matter of status the documentation in Cluster Administration on this feature is complete for 6.2 (and reviewed by Jan) and I'll move this into ON_QA when we resolve the issue of where/if to explicitly document lack of support of who.auth_tkt_timeout.
Removing the NEEDINFO because that's holding this BZ up from a pubs point of view, but I have final review from Jan for the document, and Jan has gotten Lon's input on IRC.
I'm not sure what you mean by your question about whether your point 4 in comment 26 was improper. You wrote "when enabling IP port that runs luci" and that needs an article: "when enabling an IP port that runs luci". But then we changed the phrase a couple of times and it now says "when you enable an IP port for luci".
Latest build for 6.2 GA: Red_Hat_Enterprise_Linux-Cluster_Administration-6-web-en-US-0-114_el6eng Moving to CLOSED.