rpms/unbound
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Allow group by default to unbound-control (#1640259)

Browse Source 
Signed-off-by: Petr Menšík <pemensik@redhat.com>
This commit is contained in:
Petr Menšík 2018-10-22 16:16:09 +02:00
parent 3d0c001d3e
commit 9d074af91d
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
unbound-1.8.1-keygen-group-rights.patch Normal file
View File

@ -0,0 +1,29 @@
From 6429b5c298b10b96feb6b90c111948df97269f40 Mon Sep 17 00:00:00 2001
From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Mon, 22 Oct 2018 10:07:13 +0000
Subject: [PATCH] - Fix #4192: unbound-control-setup generates keys not
readable by group.
git-svn-id: file:///svn/unbound/trunk@4942 be551aaa-1e26-0410-a405-d3ace91eadb9
---
smallapp/unbound-control-setup.sh.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/smallapp/unbound-control-setup.sh.in b/smallapp/unbound-control-setup.sh.in
index 0d759f44..f4024b43 100644
--- a/smallapp/unbound-control-setup.sh.in
+++ b/smallapp/unbound-control-setup.sh.in
@@ -148,8 +148,8 @@ test -f $CTL_BASE.pem || error "could not create $CTL_BASE.pem"
# echo "empty password is used, simply click OK on the password dialog box."
# openssl pkcs12 -export -in $CTL_BASE"_trust.pem" -inkey $CTL_BASE.key -name "unbound remote control client cert" -out $CTL_BASE"_browser.pfx" -password "pass:" || error "could not create browser certificate"
-# remove unused permissions
-chmod o-rw $SVR_BASE.pem $SVR_BASE.key $CTL_BASE.pem $CTL_BASE.key
+# set desired permissions
+chmod 0640 $SVR_BASE.pem $SVR_BASE.key $CTL_BASE.pem $CTL_BASE.key
# remove crap
rm -f request.cfg
--
2.14.4

5
unbound.spec
View File

@ -34,7 +34,7 @@
Summary: Validating, recursive, and caching DNS(SEC) resolver Summary: Validating, recursive, and caching DNS(SEC) resolver
Name: unbound Name: unbound
Version: 1.8.1 Version: 1.8.1
Release: 1%{?extra_version:.%{extra_version}}%{?dist} Release: 2%{?extra_version:.%{extra_version}}%{?dist}
License: BSD License: BSD
Url: https://www.unbound.net/ Url: https://www.unbound.net/
Source: https://www.unbound.net/downloads/%{name}-%{version}%{?extra_version}.tar.gz Source: https://www.unbound.net/downloads/%{name}-%{version}%{?extra_version}.tar.gz
@ -420,6 +420,9 @@ popd
%attr(0644,root,root) %config %{_sysconfdir}/%{name}/root.key %attr(0644,root,root) %config %{_sysconfdir}/%{name}/root.key
%changelog %changelog
* Mon Oct 22 2018 Petr Menšík <pemensik@redhat.com> - 1.8.1-2
- Allow group by default to unbound-control (#1640259)
* Mon Oct 08 2018 Petr Menšík <pemensik@redhat.com> - 1.8.1-1 * Mon Oct 08 2018 Petr Menšík <pemensik@redhat.com> - 1.8.1-1
- Update to 1.8.1 - Update to 1.8.1