[Bug 551765] Review Request: prosody - Flexible communications server for Jabber/XMPP
bugzilla at redhat.com
bugzilla at redhat.com
Thu Sep 9 17:45:38 UTC 2010
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=551765
--- Comment #8 from Johan Cwiklinski <johan at x-tnd.be> 2010-09-09 13:45:37 EDT ---
(In reply to comment #6)
> My first guess is that you should add an empty /var/lib/prosody owned by the
> "prosody" user to the package.
The package already ships that directory:
$ rpm -ql prosody | grep /var
/var/lib/prosody
/var/run/prosody
(In reply to comment #7)
> The missing /var/lib/prosody might also be because I have /usr/com/prosody
> since I've tested on EL5 where _sharedstatedir probably evaluates to that.
> Maybe use %{_var}/lib/prosody instead? The programs are using the default of
> /var/lib/prosody anyway in all cases since --datadir= isn't passed to
> configure.
I've not yet tested on EL-5 (Fedora 12 and 13 only for now), I'll try.
>
> A second issue is that the included crt/key pair comes as-is from the "certs"
> directory of the source package. It will expire on October 17th 2010, in little
> over a month. It also eases man-in-the-middle attacks since the default
> certificate is identical on all servers. The best would be to generate a unique
> long-lasting key/crt pair upon package install, like the mod_ssl package does.
You are right, I will change the specfile so it will generate a ssl cert at
install time.
Thank you :)
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list