Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=551765 --- Comment #7 from Matthias Saou <matthias@xxxxxxxxxxxx> 2010-09-09 12:58:13 EDT --- The missing /var/lib/prosody might also be because I have /usr/com/prosody since I've tested on EL5 where _sharedstatedir probably evaluates to that. Maybe use %{_var}/lib/prosody instead? The programs are using the default of /var/lib/prosody anyway in all cases since --datadir= isn't passed to configure. A second issue is that the included crt/key pair comes as-is from the "certs" directory of the source package. It will expire on October 17th 2010, in little over a month. It also eases man-in-the-middle attacks since the default certificate is identical on all servers. The best would be to generate a unique long-lasting key/crt pair upon package install, like the mod_ssl package does. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review