On Wednesday, April 24, 2013 05:46:47 PM you wrote:
> Package: opendkim
> Version: 2.8.2-1
> Severity: important
> 
> Dear Maintainer,
> 
> The README file was not prescriptive about where to place the configuration
> files. It did say what the ownership, etc, of the files/directory should
> be. So I placed them in /etc/mail/dkim/
> In recent versions of opendkim, I've been experiencing errors such as this:
>   "key data is not secure: /etc/mail is writeable and owned by uid 100 which
> is not the executing uid (117) or the superuser" The directory
> /etc/mail/dkim has the correct ownership and permissions, but the parent
> directory /etc/mail does not.
> I can work around the problem by changing the ownership of /etc/mail to
> root. (but need to be careful, because I think /usr/sbin/sendmailconfig
> will change it back.)
> 
> I feel that if a configuration directory was created by the installer, all
> users could write their files there as well as the opendkim.conf file.  The
> installer could ensure the directory had the correct ownership and access
> permissions, so this error would not affect anyone else.  I suggest:
> /etc/opendkim/
> 
> What do you think?

I decided to go with /etc/dkimkeys and leave opendkim.conf where it is.  It's 
only the private keys that need special protection, not the config file.

Scott K


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to