acme module's group parameter is non-functional #48627
Labels
Bug
broken, incorrect, or confusing behavior
P3
Priority 3
severity-medium
3rd level, incorrect or bad functionality, confusing and lacks a work around
State-Module
Milestone
Description of Issue/Question
acme.cert
enforces that the private key file is mode0600
, so setting the group ownership using thegroup
option does not actually result in another group being able to read the private key.Please change the permission to
0640
, which is the only sensible default, given that there is agroup
parameter which defaults toroot
. Perhaps consider making it configurable.Setup
Steps to Reproduce Issue
somegroup
cannot read the private key file.Versions Report
2018.3.2, but looking at the code suggests that it's still present in develop.
The text was updated successfully, but these errors were encountered: