forked from pool/dehydrated
Accepting request 817721 from security:dehydrated
- Update maintainer file and package description, remove features that are better described in the (upstream maintained) man page. - Remove potentially harmful scriptlet (bsc#1154167). Documented transition case in the maintainer README. Unlikely enough. The versions that have not transitioned yet would be broken for more than two years now. OBS-URL: https://build.opensuse.org/request/show/817721 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dehydrated?expand=0&rev=17
This commit is contained in:
commit
18d3be14bc
@ -150,7 +150,6 @@ where <domainname> should be the name of the first column in domains.txt
|
|||||||
Limitations & Ceveats
|
Limitations & Ceveats
|
||||||
=====================
|
=====================
|
||||||
|
|
||||||
* It is currently not possible to aqcuire Wildcard certificates
|
|
||||||
* No EV- or OV-validated certificates
|
* No EV- or OV-validated certificates
|
||||||
* Certificates expire within weeks, not years. This is by design. Ensure that
|
* Certificates expire within weeks, not years. This is by design. Ensure that
|
||||||
certificate renewal works and that daemons get reloaded frequently to pick
|
certificate renewal works and that daemons get reloaded frequently to pick
|
||||||
@ -160,6 +159,13 @@ Limitations & Ceveats
|
|||||||
will be executed by the cron script / systemd timer *after* an update run
|
will be executed by the cron script / systemd timer *after* an update run
|
||||||
has been performed.
|
has been performed.
|
||||||
|
|
||||||
|
Upgrade Notes
|
||||||
|
=============
|
||||||
|
|
||||||
|
If you are upgrading from letsencrypt.sh, note that you need to move
|
||||||
|
/etc/letsencrypt.sh to /etc/dehydrated and chown it to the "dehydrated"
|
||||||
|
user.
|
||||||
|
|
||||||
Links
|
Links
|
||||||
=====
|
=====
|
||||||
|
|
||||||
|
@ -1,3 +1,17 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jun 29 12:41:48 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
||||||
|
|
||||||
|
- Update maintainer file and package description, remove features
|
||||||
|
that are better described in the (upstream maintained) man page.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jun 29 12:38:31 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
||||||
|
|
||||||
|
- Remove potentially harmful scriptlet (bsc#1154167). Documented
|
||||||
|
transition case in the maintainer README. Unlikely enough. The
|
||||||
|
versions that have not transitioned yet would be broken for more
|
||||||
|
than two years now.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed May 6 12:34:56 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
Wed May 6 12:34:56 UTC 2020 - Daniel Molkentin <daniel.molkentin@suse.com>
|
||||||
|
|
||||||
|
@ -108,14 +108,7 @@ It uses the openssl utility for everything related to actually
|
|||||||
handling keys and certificates, so you need to have that installed.
|
handling keys and certificates, so you need to have that installed.
|
||||||
|
|
||||||
Other dependencies are: curl, sed, grep, mktemp (all found on almost
|
Other dependencies are: curl, sed, grep, mktemp (all found on almost
|
||||||
any system, curl being the only exception)
|
any system, curl being the only exception).
|
||||||
|
|
||||||
Current features:
|
|
||||||
|
|
||||||
* Signing of a list of domains
|
|
||||||
* Signing of a CSR
|
|
||||||
* Renewal if a certificate is about to expire or SAN (subdomains) changed
|
|
||||||
* Certificate revocation
|
|
||||||
|
|
||||||
%package %{_apache}
|
%package %{_apache}
|
||||||
Summary: Apache Integration for dehydrated
|
Summary: Apache Integration for dehydrated
|
||||||
@ -146,7 +139,6 @@ This adds a configuration file for dehydrated's acme-challenge to nginx.
|
|||||||
getent group %{_user} >/dev/null || %{_sbindir}/groupadd -r %{_user}
|
getent group %{_user} >/dev/null || %{_sbindir}/groupadd -r %{_user}
|
||||||
getent passwd %{_user} >/dev/null || %{_sbindir}/useradd -g %{_user} \
|
getent passwd %{_user} >/dev/null || %{_sbindir}/useradd -g %{_user} \
|
||||||
-s /bin/false -r -c "%{_user}" -d %{_home} %{_user}
|
-s /bin/false -r -c "%{_user}" -d %{_home} %{_user}
|
||||||
if [ -d %{_sysconfdir}/letsencrypt.sh ]; then mv %{_sysconfdir}/letsencrypt.sh %{_sysconfdir}/dehydrated; chown -R %{_user} %{_sysconfdir}/dehydrated; fi
|
|
||||||
if [ -e %{_sysconfdir}/dehydrated/config.sh ]; then mv %{_sysconfdir}/dehydrated/config.sh %{_sysconfdir}/dehydrated/config; fi
|
if [ -e %{_sysconfdir}/dehydrated/config.sh ]; then mv %{_sysconfdir}/dehydrated/config.sh %{_sysconfdir}/dehydrated/config; fi
|
||||||
|
|
||||||
%if %{with systemd}
|
%if %{with systemd}
|
||||||
|
Loading…
Reference in New Issue
Block a user