Restore ownership of certs

src/freedombone

@@ -3289,7 +3289,11 @@ function search_for_attached_usb_drive {
                 chown root:dovecot /etc/ssl/private/dovecot.*
             fi
             if [ -f /etc/ssl/private/exim.key ]; then
-                chown root:Debian-exim /etc/ssl/private/exim.key /etc/ssl/certs/exim.crt /etc/ssl/certs/exim.dhparam
+                cp /etc/ssl/private/exim.key /etc/exim4
+                cp /etc/ssl/certs/exim.crt /etc/exim4
+                cp /etc/ssl/certs/exim.dhparam /etc/exim4
+                chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+                chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
             fi
         fi
         if [ -d $USB_MOUNT/personal ]; then

src/freedombone-restore-local

@@ -586,6 +586,30 @@ function restore_certs {
             exit 276
         fi
         rm -rf /root/tempssl
+
+        # restore ownership
+        if [ -f /etc/ssl/private/xmpp.key ]; then
+            chown prosody:prosody /etc/ssl/private/xmpp.key
+            chown prosody:prosody /etc/ssl/certs/xmpp.*
+        fi
+        if [ -d /etc/dovecot ]; then
+            chown root:dovecot /etc/ssl/private/dovecot.*
+            chown root:dovecot /etc/ssl/certs/dovecot.*
+        fi
+        if [ -f /etc/ssl/private/exim.key ]; then
+			cp /etc/ssl/private/exim.key /etc/exim4
+			cp /etc/ssl/certs/exim.crt /etc/exim4
+			cp /etc/ssl/certs/exim.dhparam /etc/exim4
+			chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+			chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+        fi
+        if [ -f /etc/ssl/private/mumble.key ]; then
+            if [ -d /var/lib/mumble-server ]; then
+                cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
+                cp /etc/ssl/private/mumble.key /var/lib/mumble-server
+                chown -R mumble-server:mumble-server /var/lib/mumble-server
+            fi
+        fi
     fi
 }
 

src/freedombone-restore-remote

@@ -469,6 +469,30 @@ function restore_certs {
             exit 276
         fi
         rm -rf /root/tempssl
+
+        # restore ownership
+        if [ -f /etc/ssl/private/xmpp.key ]; then
+            chown prosody:prosody /etc/ssl/private/xmpp.key
+            chown prosody:prosody /etc/ssl/certs/xmpp.*
+        fi
+        if [ -d /etc/dovecot ]; then
+            chown root:dovecot /etc/ssl/private/dovecot.*
+            chown root:dovecot /etc/ssl/certs/dovecot.*
+        fi
+        if [ -f /etc/ssl/private/exim.key ]; then
+            cp /etc/ssl/private/exim.key /etc/exim4
+            cp /etc/ssl/certs/exim.crt /etc/exim4
+            cp /etc/ssl/certs/exim.dhparam /etc/exim4
+            chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+            chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+        fi
+        if [ -f /etc/ssl/private/mumble.key ]; then
+            if [ -d /var/lib/mumble-server ]; then
+                cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
+                cp /etc/ssl/private/mumble.key /var/lib/mumble-server
+                chown -R mumble-server:mumble-server /var/lib/mumble-server
+            fi
+        fi
     fi
 }