Shibboleth Developers

[Tom Poage <>]

One of thing I'd considered toying with for platforms needing libcurl
linked against OpenSSL is to rename the library itself to something like
libcurl-openssl.so.3.0.0 so it doesn't conflict with that supplied by
the OS. Unfortunately, one would then also have to link shibd against
this library.

Flip side, a curl library with a different name might be more generally
useful to other (TBD) code needing the same feature set as shibd.

I hadn't gotten as far as twiddling spec/Make files to see how well it
works.

The only reason I was thinking of this route was a very old assertion
(Gene Spafford?) that LD_LIBRARY_PATH and kin were insecure. I don't
know if LD_PRELOAD remedies any of these old concerns.

FWIW, as recently as RHEL 5 (not tested with RHEL 6) local RPM builds
were defaulting to /usr/local. Some of this may have had more to do with
my peculiar use of cpan2rpm etc. than OS configuration.

2-cents.

Tom.

On 05/20/2011 09:33 AM, Peter Schober wrote:
> * Cantor, Scott E. 
> <>
>  [2011-05-20 17:48]:
>> But I'd like to get more feedback on using /opt/shibboleth.net
> 
> One could also say the IdP already defaults to /opt/shibboleth (though
> technically the installer only prompts, so the deployer still decides
> herself) and that by getting LSB-names registered both the IdP and
> the SP could continue making use of this.
> (Would require two names though, since he SP uses 'shibd' as the init
> script's name.)
> 
> I sent a request to 
> <>
>  to find out whether anything
> is still going on there (or at least whether email is being recieved).
> -peter
> 
> (Historic?) Registered provider name:
> http://web.archive.org/web/20081103044208/http://www.lanana.org/lsbreg/providers/providers.txt
> (Historic?) Registered init script names:
> http://web.archive.org/web/20090207100011/http://www.lanana.org/lsbreg/init/init.txt