summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2016-12-23 16:24:54 -0200
committervarac <varacanero@zeromail.org>2017-03-21 12:23:16 +0100
commitce2f2880da1041fcbdabaf18f7263fb30ba3cdf1 (patch)
tree0511a244d73b8950689baffc7763eca119806325
parent86c783d643f36e6513cbee6077e2be8ece92cea5 (diff)
[pkg] add soledad to the ssl-cert group
Now that uid an gid of the application are changed earlier by systemd (instead of twistd), soledad will fail to start if it doesn't have permission to read the ssl certificate with the new uid/gid. This commit adds soledad to the ssl-cert group, which is the group of the certificate as set by the platform.
-rw-r--r--debian/soledad-server.postinst3
1 files changed, 3 insertions, 0 deletions
diff --git a/debian/soledad-server.postinst b/debian/soledad-server.postinst
index f7dadaed..44112fc7 100644
--- a/debian/soledad-server.postinst
+++ b/debian/soledad-server.postinst
@@ -18,6 +18,9 @@ if [ ! $RET -eq 0 ]; then
adduser --system soledad --no-create-home --home /srv/leap/ --ingroup soledad
fi
+# allow soledad user to read ssl certificates
+usermod -aG ssl-cert soledad
+
# create soledad-admin user
id soledad-admin > /dev/null 2>&1
RET=$?