[Bug 551765] Review Request: prosody - Flexible communications server for Jabber/XMPP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=551765

--- Comment #8 from Johan Cwiklinski <johan@xxxxxxxx> 2010-09-09 13:45:37 EDT ---
(In reply to comment #6)
> My first guess is that you should add an empty /var/lib/prosody owned by the
> "prosody" user to the package.

The package already ships that directory:
$ rpm -ql prosody | grep /var
/var/lib/prosody
/var/run/prosody

(In reply to comment #7)
> The missing /var/lib/prosody might also be because I have /usr/com/prosody
> since I've tested on EL5 where _sharedstatedir probably evaluates to that.
> Maybe use %{_var}/lib/prosody instead? The programs are using the default of
> /var/lib/prosody anyway in all cases since --datadir= isn't passed to
> configure.

I've not yet tested on EL-5 (Fedora 12 and 13 only for now), I'll try.

> 
> A second issue is that the included crt/key pair comes as-is from the "certs"
> directory of the source package. It will expire on October 17th 2010, in little
> over a month. It also eases man-in-the-middle attacks since the default
> certificate is identical on all servers. The best would be to generate a unique
> long-lasting key/crt pair upon package install, like the mod_ssl package does.

You are right, I will change the specfile so it will generate a ssl cert at
install time.

Thank you :)

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review


[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]