subject:"Bug#873521\: \[Pkg\-samba\-maint\] Bug#873521\: samba\: tls options not compatible with ssl\-cert group"

Bug#873521: [Pkg-samba-maint] Bug#873521: samba: tls options not compatible with ssl-cert group

2017-10-05 Thread Mathieu Parent

2017-08-28 19:48 GMT+02:00 Troy Ready : [...] > Dear Maintainer, > > TLS private key files are explicitly checked for permissions 0600 at > startup[0], which precludes the use of the ssl-cert group to manage the key. > > This may be changed upstream at some point[1], but for

Bug#873521: [Pkg-samba-maint] Bug#873521: samba: tls options not compatible with ssl-cert group

2017-08-28 Thread Andrew Bartlett

On Mon, 2017-08-28 at 10:48 -0700, Troy Ready wrote: > This may be changed upstream at some point[1], but for now I think it'd be > appropriate for Debian to extend the check to allow for some form of > group-read > permissions. This needs to be done via upstream. We avoid having debian-only