tags 340008 - sarge
tags 340008 + patch
severity 340008 grave
found 340008 1:1.0.15-2
thanks

Hi!

This bug still happens when upgrading from Etch to Lenny in some corner
cases. I set the severity back to grave because:
 - I have a patch
 - it modifies files in /etc without user approval

Here is my configuration file:
 ssl_cert_file = /etc/ssl/certs/dovecot.pem
 ssl_key_file = /etc/ssl/private/dovecot.key

When upgrading (from Etch to Lenny), I get:
 Installing new version of config file /etc/init.d/dovecot ...
 Creating generic self-signed certificate: /etc/ssl/certs/dovecot.pem
 (replace with hand-crafted or authorized one if needed).

This overwrites /etc/ssl/certs/dovecot.pem
This creates /etc/ssl/private/dovecot.pem

Here are the simple steps to reproduce it:
 - build an Etch chroot (with pbuilder for me)
 - apt-get install dovecot-imapd
 - mv /etc/ssl/private/dovecot.pem /etc/ssl/private/dovecot.key
 - md5sum /etc/ssl/private/dovecot.key /etc/ssl/certs/dovecot.pem 
 - in dovecot.conf:
     ssl_cert_file = /etc/ssl/certs/dovecot.pem
     ssl_key_file = /etc/ssl/private/dovecot.key
 - sed -i 's/etch/lenny/g' /etc/apt/sources.list
 - apt-get update
 - apt-get dist-upgrade
 - md5sum /etc/ssl/private/dovecot.key /etc/ssl/certs/dovecot.pem 

-> /etc/ssl/certs/dovecot.pem has been modified.

I attach a patch to fix this.

diff --git a/debian/dovecot-common.postinst b/debian/dovecot-common.postinst
index c49e151..1cb77f9 100644
--- a/debian/dovecot-common.postinst
+++ b/debian/dovecot-common.postinst
@@ -35,7 +35,7 @@ if [ "$1" = "configure" ]; then
   SSL_KEY="/etc/ssl/private/dovecot.pem"
   
   # Generate new certs if needed
-  if [ -e $SSL_CERT ] && [ -e $SSL_KEY ]; then
+  if [ -e $SSL_CERT ] || [ -e $SSL_KEY ]; then
     echo "You already have ssl certs for dovecot."
   else
     echo "Creating generic self-signed certificate: $SSL_CERT"
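
Review bot: with `||` on the changed `if` line, generation is skipped whenever either default path exists, so a system holding only one of the two files still prints "You already have ssl certs for dovecot." and is left without a matching pair. Consider a message that names which file was found and states that generation was skipped. The test also still looks only at the hard-coded $SSL_CERT and $SSL_KEY paths rather than the ssl_cert_file and ssl_key_file values in dovecot.conf, so a setup where both files were moved elsewhere would still take the else branch and get a new self-signed pair at the default paths. $SSL_CERT and $SSL_KEY are unquoted inside `[ -e ... ]`; quoting them would be safer.
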
Thanks.
-- 
#define BB_STAT2_TMP_INTR    0x10    /* My Penguins are burning. 
Are you able to smell it? */
        2.2.16 /usr/src/linux/include/asm-sparc/obio.h
