Package: dovecot-common Version: 1:1.1.11-4 Severity: minor I had a custom SSL certificate from cacert.org installed for dovecot. After upgrading packages last night, I discovered that I could no longer connect to my IMAP server - dovecot was spewing errors about a mismatch in the SSL key file. Upon further examination, I discovered that the certs/dovecot.pem file had been overwritten and a new private/dovecot.pem added (my custom key file was private/dovecot.key). Since I had chosen to preserve my old config file, dovecot was now trying to use the new certificate with the old key. Some more investigation revealed that dovecot-common's postinst script skips generating an SSL certificate only if _both_ certs/dovecot.pem _and_ private/dovecot.pem exist. Since the latter wasn't present on my system, the script decided to generate a new certificate.
I suggest that the postinst script is changed to skip certificate generation if _either_ of those files exists, or a warning is added to the config file about this potential trampling if only one file is renamed. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.25 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages dovecot-common depends on: ii adduser 3.110 add and remove users and groups ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co ii libc6 2.9-4 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1 common error description library ii libgssapi-krb5-2 1.6.dfsg.4~beta1-9 MIT Kerberos runtime libraries - k ii libk5crypto3 1.6.dfsg.4~beta1-9 MIT Kerberos runtime libraries - C ii libkrb5-3 1.6.dfsg.4~beta1-9 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.15-1 OpenLDAP libraries ii libmysqlclient15off 5.0.77-1 MySQL database client library ii libpam-runtime 1.0.1-7 Runtime support for the PAM librar ii libpam0g 1.0.1-7 Pluggable Authentication Modules l ii libpq5 8.3.6-1 PostgreSQL C client library ii libsqlite3-0 3.5.9-6 SQLite 3 shared library ii libssl0.9.8 0.9.8g-15 SSL shared libraries ii openssl 0.9.8g-15 Secure Socket Layer (SSL) binary a ii ucf 3.0016 Update Configuration File: preserv ii zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime dovecot-common recommends no packages. Versions of packages dovecot-common suggests: ii ntp 1:4.2.4p6+dfsg-1 Network Time Protocol daemon and u ii ntpdate 1:4.2.4p6+dfsg-1 client for setting system time fro -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
