#1075 prosodyctl --root cert ... demands root-owned certs dir
What steps will reproduce the problem?
1. chown prosody /etc/prosody/certs
2. sudo prosodyctl --root cert (anything)
What is the expected output?
No complaint, maybe?
What do you see instead?
The directory /etc/prosody/certs is not owned by the current user, won't be able to write files to it
What version of the product are you using? On what operating system?
0.10.0. Reportedly Ubuntu.
Please provide any additional information below.
if pposix.getuid() ~= cert_dir_attrs.uid then will in this case only accept a root-owned directory
Perhaps it should skip this check if running as root, since root is always allowed to write anything anywhere.
Thanks to Hund on IRC for noticing this.
The problem here is not only the complaint. It doesn't try to copy any certs then, either.
So if you for example use this command in a cron job to copy Let's Encrypt certs over, that does not work anymore.
I have the same issue running prosody 0.10.2 in OpenShift / Kubernetes with Arbitrary User IDs.
The user has rwx permissions to this folder via group permissions and cannot be the owner of an directory.
Info: Arbitrary User IDs are part of a security feature which is enabled by default in OpenShift.