Author: rhafer Date: Fri Aug 1 14:20:09 2008 New Revision: 49572 URL: http://svn.opensuse.org/viewcvs/yast?rev=49572&view=rev Log: Set filesystem ACLs for Certificate Key Modified: trunk/ldap-server/src/LdapServer.pm Modified: trunk/ldap-server/src/LdapServer.pm URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=49572&r1=49571&r2=49572&view=diff ============================================================================== --- trunk/ldap-server/src/LdapServer.pm (original) +++ trunk/ldap-server/src/LdapServer.pm Fri Aug 1 14:20:09 2008 @@ -755,6 +755,14 @@ { my $self = shift; my $tls = shift; + my $ret = SCR->Execute(".target.bash", + "/usr/bin/setfacl -m u:ldap:r ".$tls->{'certKeyFile'}); + if($ret != 0) { + return $self->SetError(_("Can not set a filesystem acl on the private key"), + "setfacl -m u:ldap:r "./etc/ssl/servercerts/serverkey.pem." failed.\n". + "Do you have filesystem acl support disabled?" ); + return 0; + } my $rc = SCR->Write('.ldapserver.global.tlsSettings', $tls ); return 1; } -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org