Restore ownership of certs

This commit is contained in:
Bob Mottram 2016-01-01 11:42:37 +00:00
parent ae79acb02b
commit c7112d1ec0
3 changed files with 53 additions and 1 deletions

View File

@ -3289,7 +3289,11 @@ function search_for_attached_usb_drive {
chown root:dovecot /etc/ssl/private/dovecot.* chown root:dovecot /etc/ssl/private/dovecot.*
fi fi
if [ -f /etc/ssl/private/exim.key ]; then if [ -f /etc/ssl/private/exim.key ]; then
chown root:Debian-exim /etc/ssl/private/exim.key /etc/ssl/certs/exim.crt /etc/ssl/certs/exim.dhparam cp /etc/ssl/private/exim.key /etc/exim4
cp /etc/ssl/certs/exim.crt /etc/exim4
cp /etc/ssl/certs/exim.dhparam /etc/exim4
chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
fi fi
fi fi
if [ -d $USB_MOUNT/personal ]; then if [ -d $USB_MOUNT/personal ]; then

View File

@ -586,6 +586,30 @@ function restore_certs {
exit 276 exit 276
fi fi
rm -rf /root/tempssl rm -rf /root/tempssl
# restore ownership
if [ -f /etc/ssl/private/xmpp.key ]; then
chown prosody:prosody /etc/ssl/private/xmpp.key
chown prosody:prosody /etc/ssl/certs/xmpp.*
fi
if [ -d /etc/dovecot ]; then
chown root:dovecot /etc/ssl/private/dovecot.*
chown root:dovecot /etc/ssl/certs/dovecot.*
fi
if [ -f /etc/ssl/private/exim.key ]; then
cp /etc/ssl/private/exim.key /etc/exim4
cp /etc/ssl/certs/exim.crt /etc/exim4
cp /etc/ssl/certs/exim.dhparam /etc/exim4
chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
fi
if [ -f /etc/ssl/private/mumble.key ]; then
if [ -d /var/lib/mumble-server ]; then
cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
cp /etc/ssl/private/mumble.key /var/lib/mumble-server
chown -R mumble-server:mumble-server /var/lib/mumble-server
fi
fi
fi fi
} }

View File

@ -469,6 +469,30 @@ function restore_certs {
exit 276 exit 276
fi fi
rm -rf /root/tempssl rm -rf /root/tempssl
# restore ownership
if [ -f /etc/ssl/private/xmpp.key ]; then
chown prosody:prosody /etc/ssl/private/xmpp.key
chown prosody:prosody /etc/ssl/certs/xmpp.*
fi
if [ -d /etc/dovecot ]; then
chown root:dovecot /etc/ssl/private/dovecot.*
chown root:dovecot /etc/ssl/certs/dovecot.*
fi
if [ -f /etc/ssl/private/exim.key ]; then
cp /etc/ssl/private/exim.key /etc/exim4
cp /etc/ssl/certs/exim.crt /etc/exim4
cp /etc/ssl/certs/exim.dhparam /etc/exim4
chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
fi
if [ -f /etc/ssl/private/mumble.key ]; then
if [ -d /var/lib/mumble-server ]; then
cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
cp /etc/ssl/private/mumble.key /var/lib/mumble-server
chown -R mumble-server:mumble-server /var/lib/mumble-server
fi
fi
fi fi
} }