Bug #8788
Updated by Rob Nahf about 5 years ago
when installing dataone-cn-metacat and dataone-cn-index, postinst returned errors from incorrect permissions in the LE certificate. These were installed only 2 weeks ago, so I assume the issue is with the certificate installation process, not something to do with the dataone packages.
the exception was:
~~~
2019-04-28 23:32:06 UTC FATAL: private key file "/var/lib/postgresql/9.3/main/server.key" has group or world access
2019-04-28 23:32:06 UTC DETAIL: File must have permissions u=rw (0600) or less if owned by the database user, or permissions u=rw,g=r (0640) or less if owned by root.
~~~
permissions on the file (privkey5.pem) were:
was:
~~~
-rw-r----- 1 root ssl-cert 1704 Aug 17 2018 privkey1.pem
-rw-r----- 1 root ssl-cert 1704 Oct 17 2018 privkey2.pem
-rw-r----- 1 root ssl-cert 1704 Dec 16 12:33 privkey3.pem
-rw-r----- 1 root ssl-cert 1704 Feb 14 12:21 privkey4.pem
-rw-r--r-- 1 root root 1704 Apr 15 12:50 privkey5.pem
~~~
the exception was:
~~~
2019-04-28 23:32:06 UTC FATAL: private key file "/var/lib/postgresql/9.3/main/server.key" has group or world access
2019-04-28 23:32:06 UTC DETAIL: File must have permissions u=rw (0600) or less if owned by the database user, or permissions u=rw,g=r (0640) or less if owned by root.
~~~
permissions on the file (privkey5.pem) were:
was:
~~~
-rw-r----- 1 root ssl-cert 1704 Aug 17 2018 privkey1.pem
-rw-r----- 1 root ssl-cert 1704 Oct 17 2018 privkey2.pem
-rw-r----- 1 root ssl-cert 1704 Dec 16 12:33 privkey3.pem
-rw-r----- 1 root ssl-cert 1704 Feb 14 12:21 privkey4.pem
-rw-r--r-- 1 root root 1704 Apr 15 12:50 privkey5.pem
~~~
