[lsc-dev] [LDAP Synchronization Connector - Bug #590] Multiple connectors configuration with SSL & TLS activation

noreply at lsc-project.org noreply at lsc-project.org
Tue Apr 23 16:43:01 CEST 2013

Issue #590 has been updated by Frédéric POISSON.

Hi Clement,

Yes the export of the JAVA_OPTS is a solution for the init script, but it is not implemented inside the bin/lsc script (eg there is no association with bin/lsc and /etc/default/lscxxx). I also understand that the patches introduce many changes, but it permit to have a single point of configuration for scripts. I'm open to other solutions...
Bug #590: Multiple connectors configuration with SSL & TLS activation

Author: Frédéric POISSON
Status: New
Priority: Normal
Assigned to: 
Category: Core
Target version: 
Problem in version: 


When reading LSC configuration service http://lsc-project.org/wiki/documentation/2.0/execution/start it is explain that we can make  :
 - a symbolic link with a new name of init.d script (eg /etc/init.d/lsc)
 - a copy of service configuration init.d script (eg /etc/default/lsc) with same name.

But if we also configure multiple connectors like this we can't follow easily the SSL & TLS documentation http://lsc-project.org/wiki/documentation/2.0/howtos/ssltls because it require to update main bin/lsc script without notion of multiple connectors.
I have also tested some option (see my last comment on http://tools.lsc-project.org/issues/438#change-2055) that couldn't be shared for each multiple connectors configuration. 

So i have made some changes on scripts bin/lsc and bin/lsc-agent in order to be able to load configuration from files of /etc/default/lsc location (and copy like). 
These changes permit to load all parameters like JAVA_HOME, JAVA_OPTS, LSC_JMXPORT etc.. 

The other advantage is to do not overwrite the binary script when you upgrade with rpm package, as configuration is inside a file not inside a script...

Here is an example of file /etc/default/lsc-cust1 with dedicated connector information:
JAVA_OPTS="$JAVA_OPTS -Duser.timezone=UTC+1 -Djavax.net.ssl.trustStore=/usr/local/lsc/etc-cust1/cacerts -Djavax.net.ssl.trustStorePassword=changeit"

Notice that in order to be able to call service script (for async) and bin/lsc script for the same configuration (ie clean phase call), i propose to create a symbolic link LSC_CFG_DIR/lsc to /etc/default/lsc-cust1 for example.

I have tested it with both async task and sync task with a Linux server, but i'm not sure to have tested all cases.

Please tell me if these patches are coherent with your implementation or usage of LSC.


You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lsc-project.org/pipermail/lsc-dev/attachments/20130423/038b00ad/attachment.htm>

More information about the lsc-dev mailing list