Re: Upload of dtc-xen 0.5.13-1+squeeze1 in squeeze-proposed-updates

To: Thomas Goirand <thomas@goirand.fr>
Cc: Debian Release <debian-release@lists.debian.org>
Subject: Re: Upload of dtc-xen 0.5.13-1+squeeze1 in squeeze-proposed-updates
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 03 Aug 2011 19:55:44 +0100
Message-id: <[🔎] 1312397744.27904.17.camel@hathi.jungle.funky-badger.org>
In-reply-to: <4E2F14B0.9040809@goirand.fr>
References: <4E2F14B0.9040809@goirand.fr>

On Tue, 2011-07-26 at 21:25 +0200, Thomas Goirand wrote:
> Since the beginning, dtc-xen is generating SSL keys with openssl for
> it's SOAP server. To have the keys using the correct Unix right, I used
> umask before calling openssl. Unfortunately, later on (years later), I
> added a chmod 644 /etc/dtc-xen/*, which unfortunately, destroyed
> previous use of umask, and then now the keys are world readable.
[...]
> -chmod 644 ${DTCXEN_ETCPATH}/*
>  chmod 600 ${DTCXEN_ETCPATH}/dtc-xen.conf
> +chmod 600 /etc/dtc-xen/dtc-xen.cert.cert /etc/dtc-xen/dtc-xen.cert.csr
> /etc/dtc-xen/dtc-xen.cert.key

Hmmm, should the new chmod be using ${DTCXEN_ETCPATH} here?

Regards,

Adam

Reply to:

Follow-Ups:
- Re: Upload of dtc-xen 0.5.13-1+squeeze1 in squeeze-proposed-updates
  - From: Thomas Goirand <thomas@goirand.fr>

Prev by Date: Processed: Re: Bug#635738: pu: package openarena/0.8.5-5+squeeze1
Next by Date: Bug#636150: opu: package xorg-server/2:1.4.2-10.lenny4
Previous by thread: Re: Proposed stable update for procps
Next by thread: Re: Upload of dtc-xen 0.5.13-1+squeeze1 in squeeze-proposed-updates
Index(es):
- Date
- Thread