File: MIGRATION

package info (click to toggle)
poldi 0.4.1-3
  • links: PTS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 2,892 kB
  • ctags: 1,112
  • sloc: ansic: 9,554; sh: 4,684; makefile: 245; sed: 16
file content (55 lines) | stat: -rw-r--r-- 1,900 bytes parent folder | download | duplicates (4)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
Migration from Poldi 0.3
========================

Several things have changed with the release of Poldi 0.4.  This
document explains how to upgrade smoothly from Poldi 0.3 to Poldi 0.4
or greater.

* Authentication Methods

  Poldi 0.3 only supported one mechanism to authenticate a user: a
  challenge-response protocol in combination with a smartcard<-->user
  mapping stored in a plain text file. Now, Poldi supports two
  so-called "authentication methods" with the Poldi 0.3 way of
  authenticating being one such method, which is named "localdb".

  The other supported authentication method named "x509" implements
  authentication against a X509 PKI with the help of Dirmngr.

  There is no default authentication method, thus if you want to use
  the new Poldi just like Poldi 0.3, you need to specify "auth-method
  localdb" in the configuration file poldi.conf.

* Configuration

  With Poldi 0.3 it was possible to "register" smartcards and control
  the mapping between users and smartcards with the poldi-ctrl
  utility. As of Poldi 0.4 poldi-ctrl has been stripped in this
  respect; it does not contain this functionality anymore. Instead the
  system administrator has to edit the appropriate files manually.

* Paths

  Some paths have changed since Poldi 0.3. In particular:
  ${sysconfdir}/poldi/keys -> ${sysconfdir}/poldi/localdb/keys
  ${sysconfdir}/poldi/users -> ${sysconfdir}/poldi/localdb/users

* Lost configuration options

  Having unimplemented options in Poldis configuration file causes
  Poldi to bail out during initialization. Note that the following
  configuration options have been removed during the development of
  Poldi 0.4:

  - "debug-sc"
  - "ctapi-driver"
  - "pcsc-driver"
  - "reader-port"
  - "disable-ccid"
  - "debug-ccid-driver"
  - "disable-opensc"
  - "fake-wait-for-card"
  - "require-card-switch"
  - "wait-timeout"
  - "try_pin"
  - "quiet"