Page MenuHomeDevCentral
Files F4020359

D836.diff
No OneTemporary
Actions

D836.diff
View Options

diff --git a/roles/mailserver/certificates/files/update-smtp-certificates b/roles/mailserver/certificates/files/update-smtp-certificates
--- a/roles/mailserver/certificates/files/update-smtp-certificates
+++ b/roles/mailserver/certificates/files/update-smtp-certificates
@@ -15,8 +15,9 @@
cp $CERT_DIR/fullchain.pem $CONTAINER_DIR/etc/ssl/certs/mailserver.crt
cp $CERT_DIR/privkey.pem $CONTAINER_DIR/etc/ssl/private/mailserver.key
-# postfix runs as root
+# Mail servers can read the certificate as root before dropping privileges
chown 0:0 $CONTAINER_DIR/etc/ssl/private/mailserver.key
chmod 400 $CONTAINER_DIR/etc/ssl/private/mailserver.key
lxc-attach -n $CONTAINER_NAME -- service postfix restart
+lxc-attach -n $CONTAINER_NAME -- service dovecot restart

File Metadata

Mime Type
text/plain
Expires
Mon, Jan 20, 04:39 (13 h, 13 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2361577
Default Alt Text
D836.diff (768 B)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator