#1677 Debian postinst needs to chown generated /etc/prosody/certs/localhost.key

Reporter Martin Kofahl
Owner Zash
Stars ★ (1)
  • Status-Fixed
  • OpSys-Debian
  • Type-Defect
  • Priority-Medium
  • Component-Packages
  • Milestone-0.11
  1. Martin Kofahl on

    What steps will reproduce the problem? 1. install debian package prosody 2. start prosody What is the expected output? no error message in log What do you see instead? /var/log/prosody/prosody.err: SSL/TLS: Failed to load '/etc/prosody/certs/localhost.key': Check that the permissions allow Prosody to read this file. (for localhost) What version of the product are you using? On what operating system? 0.11.10-1~focal1 Please provide any additional information below. On clean systems, postinst generates /etc/prosody/certs/localhost.key as root. The file should be owned by prosody, not by root.

  2. Zash on

    Thanks for the report. Noticed this myself when testing the 0.11.10 packages. Seems it wasn't a new problem so didn't fix it then, but we should do so before the next release.

    • tags Status-Accepted Milestone-0.11 OpSys-Debian Component-Packages
  3. Zash on

    But should ownership be prosody:root, root:prosody or prosody:prosody?!

    • owner Zash
    • tags Status-Started
  4. Zash on

    https://hg.prosody.im/debian/rev/50ce7bec4139 prosody:prosody will have to do

    • tags Status-Fixed

New comment

Not published. Used for spam prevention and optional update notifications.