Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=551765 --- Comment #8 from Johan Cwiklinski <johan@xxxxxxxx> 2010-09-09 13:45:37 EDT --- (In reply to comment #6) > My first guess is that you should add an empty /var/lib/prosody owned by the > "prosody" user to the package. The package already ships that directory: $ rpm -ql prosody | grep /var /var/lib/prosody /var/run/prosody (In reply to comment #7) > The missing /var/lib/prosody might also be because I have /usr/com/prosody > since I've tested on EL5 where _sharedstatedir probably evaluates to that. > Maybe use %{_var}/lib/prosody instead? The programs are using the default of > /var/lib/prosody anyway in all cases since --datadir= isn't passed to > configure. I've not yet tested on EL-5 (Fedora 12 and 13 only for now), I'll try. > > A second issue is that the included crt/key pair comes as-is from the "certs" > directory of the source package. It will expire on October 17th 2010, in little > over a month. It also eases man-in-the-middle attacks since the default > certificate is identical on all servers. The best would be to generate a unique > long-lasting key/crt pair upon package install, like the mod_ssl package does. You are right, I will change the specfile so it will generate a ssl cert at install time. Thank you :) -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review