Timo Sirainen píše v Po 02. 06. 2008 v 21:50 +0300:
On Fri, 2008-05-30 at 15:49 +0200, Dan Horák wrote:
Hi,
I have gone through the patches that are used in the Fedora package and
probably only the mkcert-permissions [1] can be considered to be
included upstream. It is dated into package version 1.0-0.beta2.3, but I
cannot find any particular reason for the inclusion (like a bug in
bugzilla, etc.).
Certificate file is public data, so chmoding it to 0600 doesn't really
do any good. As for chowning the files to root:root, that's probably
good if you use the script to generate certificates automatically, but I
don't think the script should always do that since it may be run as
non-root.
The script is run during package installation with the goal to be ready
to run for the general user.
Some (winbind support, quota warnings) were obsoleted
by dovecot 1.1, two are used for distro specific settings. So the only
real patch that remains is the pam_setcred [2] patch that fixes
https://bugzilla.redhat.com/show_bug.cgi?id=146198
Unnecessary (with v1.0 too). pam_setcred() is called only if setcred=yes
is added to pam args.
Thanks for the info. I will update the package appropriately.
Dan