Allow configuration of trusted clients and callers

[iinuwa]

#129 introduces some checks on trusted WebAuth client app IDs and D-Bus callers.

These should be configurable by distros or the local administrator.

• Formatting and parsing of config file
• Location of config file
• Will we allow merging, or just overriding config file?
• How can we manage the config file across updates? Will we provide defaults? What happens when the user updates the config, and we update a default? Who wins?

[Fraetor]

A standard for configuration files that is gradually gaining adoption is that of having the distro configuration file shipped in /usr/ and defaulting to having /etc/ blank. Then trying /etc/ first and falling back to /usr/ if not. This is complemented with drop-in files in /etc/foo.d/, which only overwrite the specific settings they contain.

This scheme helps with the configuration file updates, as the distro can update a config file knowing they are not going to have merging issues with the user supplied ones. It is also beneficial for image-based distros, as it allows for easier factory-resets (just delete /etc/) and updates (just replace /usr/ with a new image).

This scheme is specified here: https://uapi-group.org/specifications/specs/configuration_files_specification/

[iinuwa]

Aha! I had read that spec before but couldn't remember where it was, thank you!

libeconf is a full-fledged library implementing this that does file location and parsing and merging of configuration values. There is a Rust crate that implements the spec for locating files in the hierarchy; we should review that to see if it's useful to us.

[Fraetor]

The rust crate is AGPL, so that is probably a blocker for use here. libeconf is probably the way to go for if you don't mind using INI-style conf files, otherwise its not a huge spec to implement (that rust crate is less than 500 lines of non-test code).