|
Bugzilla – Full Text Bug Listing |
| Summary: | Courier generates certificates in /usr/share/courier-imap | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 10.2 | Reporter: | Christian Boltz <suse-beta> |
| Component: | Network | Assignee: | Michael Skibbe <mskibbe> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Minor | ||
| Priority: | P5 - None | CC: | andreas.hanke |
| Version: | Final | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | Other | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
courier-imap just follows the upstream defaults and is currently compatible with them, so it looks *very much* like an upstream issue. It currently explicitly does the following in imap/pop3d-ssl.dist.in: TLS_CERTFILE=@datadir@/pop3d.pem As you certainly know, @datadir@ is /usr/share and not /etc. They are writing @datadir@ here and not @sysconfig@. Please do not change it without asking the upstream authors or at least looking at how other distributors 'fix' this 'bug'. (Btw.: Assuming that patching this locally were a good idea, which it isn't, I do not think that these are config files; these are variable data files and therefore belong to /var, not /etc.) according to fhs there should no ssl certificate in /usr/share. /usr/share is for arch independend read-only data. a ssl certificate is a configuration file and should placed in /etc. i fixed this issue and report it to upstream |
Courier in default configuration generates certificates for courier-pop3-ssl and courier-imap-ssl in /usr/share/courier-imap/ /etc/courier/pop3d-ssl{,.dist} contains TLS_CERTFILE=/usr/share/courier-imap/pop3d.pem /etc/courier/imapd-ssl{,.dist} contains TLS_CERTFILE=/usr/share/courier-imap/imapd.pem /usr might be mounted read-only according to FHS, and is not expected to contain variable or machine-specific data. Please change the default paths for the certificates to /etc/courier/*.pem.