rpms/cyrus-imapd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix pem file permission

Browse Source 
cyrus-imapd-key,pem had wrong permission which blocked cyrus-imapd
from accessing it.
This commit is contained in:
Pavel Zhukov 2020-04-23 11:48:24 +02:00
parent 2224abc224
commit 3eea5c4f65
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cyrus-imapd-init.service
View File

@ -9,4 +9,4 @@ ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
Type=oneshot
Group=mail
RemainAfterExit=no
ExecStart=/usr/bin/sscg --package cyrus-imapd --cert-file /etc/pki/cyrus-imapd/cyrus-imapd.pem --cert-key-file /etc/pki/cyrus-imapd/cyrus-imapd-key.pem --ca-file /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
ExecStart=/usr/bin/sscg --package cyrus-imapd --cert-file /etc/pki/cyrus-imapd/cyrus-imapd.pem --cert-key-file /etc/pki/cyrus-imapd/cyrus-imapd-key.pem --ca-file /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem --cert-key-mode=0640

14
cyrus-imapd.spec
View File

@ -9,9 +9,9 @@
Name: cyrus-imapd
Version: 3.0.13
Release: 3%{?dist}
Release: 4%{?dist}
%define ssl_pem_file /etc/pki/%name/%name.pem
%define ssl_pem_file_prefix /etc/pki/%name/%name
# UID/GID 76 have long been reserved for Cyrus
%define uid 76
@ -437,9 +437,6 @@ find %buildroot/%_libdir/perl5/ -type f -name "*.so" -exec chmod 755 {} \;
sed -e 's/^ *//' -e 's/-nosync//' -e 's/ *$//' -e 's/"/=/'
echo sieve_version=2.2.3 ) | sort > %buildroot/%_datadir/%name/rpm/db.cfg
# create the ghost pem file
touch %buildroot/%ssl_pem_file
# Cyrus has various files with extremely conflicting names. Some of these are
# not unexpected ("imapd" itself) but some like "httpd" are rather surprising.
@ -624,7 +621,9 @@ getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /v
%dir /etc/pki/cyrus-imapd
%attr(0640,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-ca.pem
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix.pem
%attr(0640,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-key.pem
%config(noreplace) /etc/cyrus.conf
%config(noreplace) /etc/imapd.conf
@ -712,6 +711,9 @@ getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /v
%changelog
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.13-4
- Fix pem files permission
* Wed Apr 01 2020 Petr Pisar <ppisar@redhat.com> - 3.0.13-3
- Specify all Perl dependencies of Cassandane