> Note that we can't just use umask 177 in the Debian version of this script
> since Debian runs shibd as a non-root user and then won't be able to read
> the certificate.  For Debian, we should set the group ownership to the
> shibd user we create and make the file group-readable.

If there's a better patch you'd like upstream for this use case, just add it
to the SP bug report. I'm not shipping it any time soon, so whatever is
easiest.

-- Scott





-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to