From ca7de250ae4345f461fa2bfb443676845624b13d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20Hor=C3=A1k?= Date: Tue, 29 Jul 2008 19:19:51 +0000 Subject: [PATCH] - really ask for the password during start-up --- dovecot-1.1-default-settings-passwd.patch | 4 ++-- dovecot.spec | 7 +++++-- dovecot.sysconfig | 8 ++++---- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/dovecot-1.1-default-settings-passwd.patch b/dovecot-1.1-default-settings-passwd.patch index eff8247..17e89b2 100644 --- a/dovecot-1.1-default-settings-passwd.patch +++ b/dovecot-1.1-default-settings-passwd.patch @@ -4,8 +4,8 @@ # If key file is password protected, give the password here. Alternatively # give it when starting dovecot with -p parameter. -+# Security note: if you have this config file world readable, then put the -+# password into /etc/sysconfig/dovecot. ++# Security note: if you have this config file world readable, then enable ++# password asking during start-up in /etc/sysconfig/dovecot. #ssl_key_password = # File containing trusted SSL certificate authorities. Set this only if you diff --git a/dovecot.spec b/dovecot.spec index dbebede..7fd3b41 100644 --- a/dovecot.spec +++ b/dovecot.spec @@ -2,7 +2,7 @@ Summary: Dovecot Secure imap server Name: dovecot Epoch: 1 Version: 1.1.2 -Release: 1%{?dist} +Release: 2%{?dist} License: MIT and LGPLv2 and BSD with advertising Group: System Environment/Daemons @@ -376,9 +376,12 @@ fi %changelog +* Tue Jul 29 2008 Dan Horak - 1:1.1.2-2 +- really ask for the password during start-up + * Tue Jul 29 2008 Dan Horak - 1:1.1.2-1 - update to upstream version 1.1.2 -- final solution for #445200 (put the password into /etc/sysconfig/dovecot) +- final solution for #445200 (add /etc/sysconfig/dovecot for start-up options) * Fri Jun 27 2008 Dan Horak - 1:1.1.1-2 - update default settings to listen on both IPv4 and IPv6 instead of IPv6 only diff --git a/dovecot.sysconfig b/dovecot.sysconfig index ff58b60..6778655 100644 --- a/dovecot.sysconfig +++ b/dovecot.sysconfig @@ -1,5 +1,5 @@ -# Here you can specify the password for your SSL certificates -# so the main config file can be world readable. Other command -# line options can be specified too. +# Here you can specify whether dovecot will ask for the SSL certificates' +# password during start-up so the main config file can be world readable. +# Other command line options can be specified too. # -#OPTIONS="-p my_certificate_password" +#OPTIONS="-p"