free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Avoid stig failures when installing xmpp

This commit is contained in:
Bob Mottram 2018-01-20 09:58:43 +00:00
parent 544385a60c
commit a4e25d5dc0
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/freedombone-app-xmpp
View File

@ -1051,6 +1051,17 @@ function install_xmpp {
chmod -R 700 /etc/prosody/conf.d
usermod -a -G www-data prosody
# Avoid STIG failures
if [ -f /usr/lib/ssl/private/xmpp.key ]; then
chown root:root /usr/lib/ssl/private/xmpp.key
fi
if [ -f /usr/lib/ssl/certs/xmpp.crt ]; then
chown root:root /usr/lib/ssl/certs/xmpp.crt
fi
if [ -f /usr/lib/ssl/certs/xmpp.dhparam ]; then
chown root:root /usr/lib/ssl/certs/xmpp.dhparam
fi
if [ -d /etc/letsencrypt ]; then
usermod -a -G ssl-cert prosody
fi