Accepting request 817721 from security:dehydrated
- Update maintainer file and package description, remove features that are better described in the (upstream maintained) man page. - Remove potentially harmful scriptlet (bsc#1154167). Documented transition case in the maintainer README. Unlikely enough. The versions that have not transitioned yet would be broken for more than two years now. OBS-URL: https://build.opensuse.org/request/show/817721 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dehydrated?expand=0&rev=17
This commit is contained in:
commit
18d3be14bc
@ -150,7 +150,6 @@ where <domainname> should be the name of the first column in domains.txt
|
||||
Limitations & Ceveats
|
||||
=====================
|
||||
|
||||
* It is currently not possible to aqcuire Wildcard certificates
|
||||
* No EV- or OV-validated certificates
|
||||
* Certificates expire within weeks, not years. This is by design. Ensure that
|
||||
certificate renewal works and that daemons get reloaded frequently to pick
|
||||
@ -160,6 +159,13 @@ Limitations & Ceveats
|
||||
will be executed by the cron script / systemd timer *after* an update run
|
||||
has been performed.
|
||||
|
||||
Upgrade Notes
|
||||
=============
|
||||
|
||||
If you are upgrading from letsencrypt.sh, note that you need to move
|
||||
/etc/letsencrypt.sh to /etc/dehydrated and chown it to the "dehydrated"
|
||||
user.
|
||||
|
||||
Links
|
||||
=====
|
||||
|
||||
|
@ -1,3 +1,17 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 29 12:41:48 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
||||
|
||||
- Update maintainer file and package description, remove features
|
||||
that are better described in the (upstream maintained) man page.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 29 12:38:31 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
||||
|
||||
- Remove potentially harmful scriptlet (bsc#1154167). Documented
|
||||
transition case in the maintainer README. Unlikely enough. The
|
||||
versions that have not transitioned yet would be broken for more
|
||||
than two years now.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 6 12:34:56 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
||||
|
||||
|
@ -108,14 +108,7 @@ It uses the openssl utility for everything related to actually
|
||||
handling keys and certificates, so you need to have that installed.
|
||||
|
||||
Other dependencies are: curl, sed, grep, mktemp (all found on almost
|
||||
any system, curl being the only exception)
|
||||
|
||||
Current features:
|
||||
|
||||
* Signing of a list of domains
|
||||
* Signing of a CSR
|
||||
* Renewal if a certificate is about to expire or SAN (subdomains) changed
|
||||
* Certificate revocation
|
||||
any system, curl being the only exception).
|
||||
|
||||
%package %{_apache}
|
||||
Summary: Apache Integration for dehydrated
|
||||
@ -146,7 +139,6 @@ This adds a configuration file for dehydrated's acme-challenge to nginx.
|
||||
getent group %{_user} >/dev/null || %{_sbindir}/groupadd -r %{_user}
|
||||
getent passwd %{_user} >/dev/null || %{_sbindir}/useradd -g %{_user} \
|
||||
-s /bin/false -r -c "%{_user}" -d %{_home} %{_user}
|
||||
if [ -d %{_sysconfdir}/letsencrypt.sh ]; then mv %{_sysconfdir}/letsencrypt.sh %{_sysconfdir}/dehydrated; chown -R %{_user} %{_sysconfdir}/dehydrated; fi
|
||||
if [ -e %{_sysconfdir}/dehydrated/config.sh ]; then mv %{_sysconfdir}/dehydrated/config.sh %{_sysconfdir}/dehydrated/config; fi
|
||||
|
||||
%if %{with systemd}
|
||||
|
Loading…
Reference in New Issue
Block a user