On 10.5.2011, at 0.59, Daniel Kahn Gillmor wrote: > dovecot's ssl-params sub-daemon appears to hardcode the path and > filename to its parameters file. > > However, the other dovecot tools appear to look for the file using the > ssl_parameters_file configuration variable.
No, there is such a setting but it's not used by anything. It's actually a bug that I accidentally added that setting back (due to v2.0's master/config code being based on some very old pre-v1.0 code). > Launching dovecot as a non-privileged user without write permissions > to /var/lib/dovecot produces the following warnings on stderr, even if > ssl_parameters_file is set to a location where the user has read/write > permissions: > > 2011-05-09 16:38:42 master: Info: Dovecot v2.0.12 starting up (core dumps > disabled) > 2011-05-09 16:38:42 ssl-params: Error: > open(/var/lib/dovecot/ssl-parameters.dat) failed: Permission denied > 2011-05-09 16:38:42 ssl-params: Fatal: > creat(/var/lib/dovecot/ssl-parameters.dat.tmp) failed: Permission denied > 2011-05-09 16:38:42 ssl-params: Error: child process failed with status 22784 Hmm.. Perhaps there should be a shared_state_dir setting or something that is normally /var/lib/dovecot. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
