Hello, using debian sarge, latest snap openca from CVS, i386. Two things - first I had some problems with permissions for openca.
When I set with compilation httpd user and group values, some things are installed and chmod'ed to this user, and that's fine. However I noticed that my web server (running on users I set), is unable to perform some actions related to writing files in openca directories. When I set -R g+w on some directories this was solved. So in my opinion file permissions with make install-* should be reviewed. Second thing - I noticed, that there are some problems with date/time settings - openca in some cases writes its temporary data to directories like time/YYYY/MM/DD/hh/mm(..) and similar. This probably isn't bad idea, however I noticed (because of problem mentioned above), that time "for which" directory is used/created does not correspond to my system time. While I use time zone CET + 1 hour, the directory which is used by openca is more like CET -1 hour (looks like openca uses for directories time which is exactly two hours earlier than system time). Don't know whether this is a bug or whether this is intentionally developed. Both of these are most likely/probably debian(sarge/sid) specific problems, I think. Q: Do You have some documentation about filesystem permissions for openca nodes files? I mean some information about which files/directories should be SUID'ed, which should be owned by webserver user, and so on.., to make me able that I have all permissions set correctly. Of course some files like cgi scripts doesn't need detailed permissions listed in docs, however some other (like e.g. certs) I'd be glad to see :) Regards P. ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
