/etc/grid-security position doesn't respect ETC_DIR or --sysconfdir

[ShamrockLee]

The /etc/grid-security-related paths are hard-coded inside the code. When configuring with --sysconfdir to place the configurations somewhere other than /etc, VOMS clients still try to read from /etc/grid-security.

Is it a design decision?

[giacomini]

Difficult to say if it was a conscious design decision when it was taken, many years ago. Is it something that bothers you in practice? If so, I can try to investigate further.

Please note that you can specify the trusted certificates directory, the vomsdir directory and the vomses file in a number of ways, e.g. as env variables and command-line options.

[msalle]

For the record, LCMAPS, LCAS and the like also hardcode /etc/grid-security. Different plugins typically have flags to override for example the certificates directory, similar to VOMS. Note that /etc/grid-security itself is rarely used. It's usually directories underneath it, and those latter one are usually configurable.

[ShamrockLee]

Sorry for late reply.

Is it something that bothers you in practice?

As a maintainer of the voms package in Nixpkgs, I need to specify where it looks for configuration and other data. (Unlike APT or RPM, Nix package manager stores each packages separately in hashed store paths instead of top-level FHS directories.) Just noticed such inconsistency when refactoring the package.