Overview

Request 1116383 superseded

Some fixes and improvements

Loading...

Georg Pfuetzenreuter's avatar

Thanks for the patch. I think it should be noted that this is not specific to Let's Encrypt, but rather to certbot. There are various alternative ACME clients - instead of adding ACME client specific locations here, can certbot not be configured to install the certificates to /etc/coturn/tls with the right privileges using a user defined post-hook instead?

What's the reason for removing the group permissions from the lib and log directories? I deemed this useful for allowing less privileged users access to the log data.

Regarding the sysusers file, if you're already reformatting it, you could remove the superfluous g and m lines, they are already handled by u - sysusers.d(5). :-)


Christian Wittmer's avatar
author source maintainer target maintainer

About /etc/coturn/tls it is up to the admin if he wants certs to be copied over or if he wants to create symlinks. I prefer symlinks. Mysql also has that problem with letsencypt cert read permission hence I ran for symlinks, because its more easy and clear where the certs come from.

superseded ...

Request History
Christian Wittmer's avatar

computersalat created request

Some fixes and improvements


Christian Wittmer's avatar

computersalat superseded request

superseded by 1116737

openSUSE Build Service is sponsored by