[Samba] file rights tls key files.
L.P.H. van Belle
belle at bazuin.nl
Fri Apr 15 09:12:04 UTC 2016
Yes, i can understand what your saying.
But i have a "server" certificate, which i use for multple services.
And since some of these services "run as" other user/group i have a special group for that. So logical i set 0440 on my key file and 444 on my cert files.
And why does the key file ( any certficicate file ) a 6, 4 is sufficient.
Its just not logical make copies of the certificates thats not why i have a "server" certificate...
Im just not happy with samba "enforcing" my security settings..
So anyway to overrule this?
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: bj at SerNet.DE [mailto:bjacke at sernet.de] Namens Björn JACKE
> Verzonden: vrijdag 15 april 2016 10:55
> Aan: L.P.H. van Belle
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] file rights tls key files.
>
> On 2016-04-15 at 10:09 +0200 L.P.H. van Belle sent off:
> > It there anyway to override this setting? I do need 0440 here. ( or
> 0400 )
> >
> > 0600 is not needed imo.
>
> can you say, why you need 440 here? I can't think of a valid use case for
> that.
> If another service should use a SSL certificate on that server, you would
> give
> that service another certificate then and not reuse the AD server SSL
> cert.
>
> Björn
More information about the samba
mailing list