location of postfix ssl certificates
Dominick Grift
domg472 at gmail.com
Sun Mar 14 13:17:57 UTC 2010
On Sun, Mar 14, 2010 at 10:28:18AM +0100, Ruben Kerkhof wrote:
> Hi all,
>
> I was wondering what would be the best place to store tls certificates
> for postfix.
> Right now, we store them in /var, which is denied by the policy.
>
> The policy allows postfix files_read_usr_files (for openssl, that's
> what the comment above it says) but wouldn't it be better to store
> them under /etc/pki?
> Maybe there should be a postfix_cert_t or something?
I am not very familiar with postfix and its policy but in my opinion certs should be in /etc/pki indeed. although you could probably also dump them into /etc/postfix
>
> Regards,
>
> Ruben
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20100314/f5df01b8/attachment.bin
More information about the selinux
mailing list