On 17/06/17 11:47, Sven Vermeulen wrote:
I generally try to make sure that it is the right domain before adding the
privilege. In the denial, the command that is being denied access is
"ca-certificates". Is that a script from ddclient, or does ddclient trigger
an (external) script and should we perhaps look at a potential domain
transition here?
Hi and thanks for the reply.
I had assumed this was the file of that name in /etc/ssl/certs but your
comment made me check the inode and I was wrong. It is actually a
directory "/usr/share/ca-certificates" which also has the "cert_t"
context. There is no script by that name associated with ddclient so I
guess ddclient is trying to (via openssl) access this directory/path?
Robert
