Bug#478074: cyrus21-common: cyrus user should be in group ssl-certs
Dave Page
grimoire at cultofperf.org.uk
Sat Apr 26 20:59:42 UTC 2008
Package: cyrus21-common
Version: 2.1.18-5.1
Severity: important
The default cyrus imap config file /etc/imapd.conf suggests placing
TLS/SSL certificates in /etc/ssl/certs and keys in /etc/ssl/private
which appears to be the Debian standard.
However, keyfiles in /etc/ssl/private can only be read by users in the
group "ssl-certs", and user cyrus is not in this group. A simple
# adduser cyrus ssl-certs
fixes this and allows the certificates to be read from the preferred
location. It's worth noting that PostgreSQL puts the postgres user in
this group for this reason.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-xen-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages cyrus21-common depends on:
ii adduser 3.102 Add and remove users and groups
ii debconf [debc 1.5.11etch1 Debian configuration management sy
ii dpkg 1.13.25 package maintenance system for Deb
ii exim4-daemon- 4.63-17 exim MTA (v4) daemon with extended
ii gawk 1:3.1.5.dfsg-4 GNU awk, a pattern scanning and pr
ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries
ii libdb3 3.2.9+dfsg-0.1 Berkeley v3 Database Libraries [ru
ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library
ii libssl0.9.8 0.9.8c-4etch1 SSL shared libraries
ii libwrap0 7.6.dbs-13 Wietse Venema's TCP wrappers libra
ii libzephyr3 2.1.20010518.SNAPSHOT-17.1 The original "Instant Message" sys
ii netbase 4.29 Basic TCP/IP networking system
ii perl 5.8.8-7etch2 Larry Wall's Practical Extraction
Versions of packages cyrus21-common recommends:
ii cyrus21-imapd 2.1.18-5.1 Cyrus mail system (IMAP support)
-- debconf information:
cyrus21-common/warnbackendchange:
cyrus21-common/removespools: false
More information about the Pkg-Cyrus-imapd-Debian-devel
mailing list