> Note that we can't just use umask 177 in the Debian version of this script > since Debian runs shibd as a non-root user and then won't be able to read > the certificate. For Debian, we should set the group ownership to the > shibd user we create and make the file group-readable.
If there's a better patch you'd like upstream for this use case, just add it to the SP bug report. I'm not shipping it any time soon, so whatever is easiest. -- Scott -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
