On 24/05/2022 16:58, Axel Rau via Exim-users wrote:
Am 24.05.2022 um 00:37 schrieb Jeremy Harris via Exim-users
<exim-users@exim.org>:
On 23/05/2022 20:38, Axel Rau via Exim-users wrote:
After turning on setuid bit on exim binary, it could no longer access
the DB (error=‚valid client cert required‘)
It looks like the pgsql client library is doing certs stuff all on its
own.
https://www.postgresql.org/docs/9.1/libpq-ssl.html says it'll
send ~/.postgresql/postgresql.crt - and that is obviously
going to be a problem for a client that is dancing around different
user identities.
https://www.postgresql.org/docs/9.5/libpq-envars.html
lists PGSSLCERT and PGSSLKEY which look plausible as a way of
telling it specifically where to look.
So you just need to run with those set up in exim's environment.
Have a look at the "add_environment" min config option.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
