This file is indexed.

/etc/shishi/shisa.conf is in shishi-common 1.0.2-6build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# shisa.conf --- Database configuration file for Shishi.             -*- sh -*-
# Copyright 2002-2013 Simon Josefsson
#
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
# notice and this notice are preserved.
#
# If the first non white space character of a line is a '#', the line
# is ignored.  Empty lines are also ignored.
#
# See the manual for a complete list of options.

# db [OPTIONS] <TYPE> [LOCATION] [PARAMETERS ...]

# Specify the data sources for Shisa data.  Multiple entries, even of
# the same data source type, are allowed.  The data sources are
# accessed in the same sequence as they are defined here.  If an entry
# is found in one data source, it will be used for the operations,
# without searching the remaining data sources.  Valid OPTIONS
# include:

# --read-only       No data is written to this data source.
# --ignore-errors   Ignore failures in this backend.

# The default (when the configuration file is empty) uses one "file"
# data source (see below), but for a larger installation you may want
# to combine several data sources.  Here is an example.

# db --read-only file /var/local/master
# db --ignore-errors ldap kdc.example.org ca=/etc/shisa/kdc-ca.pem
# db --read-only file /var/cache/ldap-copy

# This demonstrate how you can store critical principals on local disk
# (the first entry, /var/local/master) that will always be found
# without looking in the LDAP directory.  The critical principals
# could be, e.g., krbtgt/EXAMPLE.ORG.  The second entry denote a LDAP
# server that could hold user principals.  As you can see, Shisa will
# not let the caller know about errors with the LDAP source (they will
# be logged, however).  Instead, if for instance the LDAP server has
# crashed, Shisa would continue and read from the /var/cache/ldap-copy
# file source.  That file source may have been set up to contain a
# copy of the data in the LDAP server, perhaps made on an hourly
# basis, so that your server will be able to serve recent data even in
# case of a crash.  Any updates or passwords change requests will
# however not be possible while the LDAP server is inaccessible, to
# reduce the problem of synchronizing data back into the LDAP server
# once it is online again.

# Currently only the "file" data source is supported, and denote a
# data source that use the standard file system for storage.
#
# Valid syntaxes for the "file" database:
# db file FILENAME
#
# Examples:
# db file /var/shishi
# db file /usr/share/shishi read-only
#
# If nothing is specified, the default will be:
# db file /usr/local/var/shishi/shisa.db