[Pkg-exim4-users] regenerating certificates
Ross Boylan
ross at biostat.ucsf.edu
Fri May 23 18:39:22 UTC 2008
On Fri, 2008-05-23 at 18:26 +0200, Marc Haber wrote:
> On Mon, May 19, 2008 at 11:05:21AM -0700, Ross Boylan wrote:
> > Attached. It looks as if it's trying to access ~/.rnd, though there may
> > be others before that.
>
> > 14507 open("~/.rnd", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 ENOENT (No such file or directory)
> > 14507 write(2, "unable to write \'random state\'\n", 31) = 31
>
> I can just guess that openssl does not grok the ~ notation. Can you
> try hacking and replace
> RANDFILE = ~/.rnd
> with
> RANDFILE = $HOME/.rnd
> and see if the error persists.
Good guess! That solves the problem. The error message does not appear
on the terminal, and the strace shows /root/.rnd being accessed without
problem.
I'm a little surprised it ran at all; maybe it falls back to some
standard system source of entropy? Is the old configuration a security
risk?
Maybe it only happens in some environments. I logged in as myself, and
then sux'd to root before running the script.
>
> If that's really the cause, this has been there for years without
> anybody noticing.
>
> Greetings
> Marc
>
More information about the Pkg-exim4-users
mailing list