Wrong user/group on pkg coturn Debian Buster

Eric Delcamp eric.delcamp at gmail.com
Wed Jul 22 23:09:17 BST 2020


Hello,
coturn package for Debian Buster (current stable) ships with
turnserver/turnserver as user/group for systemd scripts.
This forbids coturn to read TLS privkey.pem, since only root should be able
to read privkey.pem.

Normal behaviour, as most applications such as nginx do, is to launch
coturn as root, read cert/pkey then downgrade rights to non-root (user
defined as proc-user, proc-group in /etc/turnserver.conf).
So systemd scripts should select root instead of turnserver.

Best,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-voip-maintainers/attachments/20200723/bd6539ae/attachment.html>


More information about the Pkg-voip-maintainers mailing list