[Pkg-xmpp-devel] Bug#916465: prosody: Do not replace certificates on update

scott at cartasoft.com scott at cartasoft.com
Fri Dec 14 18:46:57 GMT 2018


Package: prosody
Version: 0.11.1-1
Severity: normal

Dear Maintainer,

I just updated to this version today. I was surprised to find my xmpp users
all received certificate warnings, flagging old, expired, self-signed
certificates offered by my system.

On inspection, I found these two symlinks:

/etc/prosody/certs/localhost.crt
/etc/prosody/certs/localhost.key

had been replaced and were (again) pointing to my crummy self-signed "snake
oil" certificate instead of my current Let's Encrypt-issued certificate.

If these symlinks exist, they should not be overwritten or modified (at
least
not without warning the administrator).

Thanks,
Scott
scott at cartasoft.com

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (900, 'stable'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.18.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages prosody depends on:
ii  adduser                             3.118
ii  libc6                               2.27-8
ii  libidn11                            1.33-2.2
ii  libssl1.1                           1.1.1a-1
ii  lsb-base                            10.2018112800
ii  lua-bitop [lua5.2-bitop]            1.0.2-5
ii  lua-expat [lua5.2-expat]            1.3.0-4
ii  lua-filesystem [lua5.2-filesystem]  1.6.3-1
ii  lua-sec [lua5.2-sec]                0.7-1
ii  lua-socket [lua5.2-socket]          3.0~rc1+git+ac3201d-4
ii  lua5.2                              5.2.4-1.1+b2
ii  ssl-cert                            1.0.39

Versions of packages prosody recommends:
ii  lua-event [lua5.2-event]  0.4.5-1

Versions of packages prosody suggests:
ii  lua-dbi-mysql       0.7.1-1
pn  lua-dbi-postgresql  <none>
pn  lua-dbi-sqlite3     <none>
ii  lua-zlib            0.2+git+1+9622739-2.1

-- Configuration Files:
/etc/prosody/conf.avail/example.com.cfg.lua [Errno 13] Permission denied:
'/etc/prosody/conf.avail/example.com.cfg.lua'
/etc/prosody/conf.avail/localhost.cfg.lua [Errno 13] Permission denied:
'/etc/prosody/conf.avail/localhost.cfg.lua'
/etc/prosody/prosody.cfg.lua [Errno 13] Permission denied:
'/etc/prosody/prosody.cfg.lua'

-- no debconf information



More information about the Pkg-xmpp-devel mailing list