Control: tag -1 pending

Hi,

On Wed, 23 Sep 2020 at 17:22:32 +0200, Benjamin Tietz wrote:
> in our setup multiple http-servers can be used to serve a random file.
> For the static files, the storage is synchronized filesystem replication.
>
> When lacme creates a challenge-response for a new certificate, it is
> unclear which of the external servers will serve that request. Due to
> the replication, all of the servers could have access to the challenge
> file, but currently lacme only creates a symlink into a temporary
> directory.

Thanks and apologies for the delay in responding; I think it's a valid
use-case and given the fix is targeted it's still doable for Bullseye.

> The attached patch adds a new configuration option
> `hard-copy-challenge-directory`,
> which will drop the temporary file and handles the acme-challenge
> directory directly.

Thinking about it, I believe we can just make it the default behavior.
I'll also change the semantics of the ‘challenge-directory’ so it now
needs to be an *existing* directory. The non-existence requirement was
confusing, and requiring an existing directory makes it possible to
harden lacme(8)'s mount namespace: it only needs write access to the
directory holding certificates, to /tmp (possibly unshared), and to the
challenge directory if the builtin webserver isn't used. Before, it
needed write access to the parent directory of the (non-existing)
challenge directory in order to create the symlink.

Cheers,
-- 
Guilhem.
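As an added illustration of the behaviour discussed in this thread (example code, not lacme's own implementation), the function below writes the http-01 response as a regular file straight into an existing challenge directory, so a pool of web servers sharing a replicated filesystem can all serve it, instead of a symlink into a temporary directory that the other servers cannot follow. The function names, the token check and the `demo()` helper are assumptions for this example.

```python
import os
import re
import tempfile

# ACME http-01 tokens are base64url; rejecting anything else keeps a token
# from being used as a path component such as "../..." (assumption: the
# caller passes the raw token from the CA's challenge object).
_TOKEN_RE = re.compile(r"[A-Za-z0-9_-]+")


def write_challenge(challenge_dir: str, token: str, key_authorization: str) -> str:
    """Store the key authorization as a hard copy under challenge_dir.

    challenge_dir must already exist (the semantics described in the reply);
    the writer then needs write access to that directory only, not to its
    parent, and the result is a regular file that filesystem replication
    propagates to every server in the pool.
    """
    if not _TOKEN_RE.fullmatch(token):
        raise ValueError("token is not a valid base64url string")
    if not os.path.isdir(challenge_dir):
        raise FileNotFoundError(f"challenge directory does not exist: {challenge_dir}")
    # Write to a temporary file in the *same* directory, then rename, so a
    # replicating peer never sees a half-written response.
    fd, tmp_path = tempfile.mkstemp(prefix=".challenge-", dir=challenge_dir)
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(key_authorization)
        os.chmod(tmp_path, 0o644)  # the web server user must be able to read it
        final_path = os.path.join(challenge_dir, token)
        os.replace(tmp_path, final_path)
    except BaseException:
        os.unlink(tmp_path)
        raise
    return final_path


def remove_challenge(path: str) -> None:
    """Remove the response once the CA has validated the challenge."""
    try:
        os.unlink(path)
    except FileNotFoundError:
        pass


def demo() -> dict:
    """Exercise the writer in a constructed temporary directory."""
    challenge_dir = tempfile.mkdtemp(prefix="acme-demo-")
    path = write_challenge(challenge_dir, "tok3n_-", "tok3n_-.thumbprint")
    with open(path) as fh:
        content = fh.read()
    result = {
        "name": os.path.basename(path),
        "content": content,
        "is_regular_file": os.path.isfile(path) and not os.path.islink(path),
        "rejects_missing_dir": False,
        "rejects_bad_token": False,
    }
    try:
        write_challenge(os.path.join(challenge_dir, "missing"), "tok", "x")
    except FileNotFoundError:
        result["rejects_missing_dir"] = True
    try:
        write_challenge(challenge_dir, "../evil", "x")
    except ValueError:
        result["rejects_bad_token"] = True
    remove_challenge(path)
    result["removed"] = not os.path.exists(path)
    os.rmdir(challenge_dir)
    return result
```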