[Pkg-xmpp-devel] Bug#1004662: prosody: postinst keeps messing with snakeoil certs
Julien Cristau
jcristau at debian.org
Mon Jan 31 11:21:20 GMT 2022
Package: prosody
Version: 0.11.13-1
Severity: serious
Control: found -1 0.11.9-2+deb11u2
X-Debbugs-Cc: jcristau at debian.org
prosody's postinst seems to insist on creating
/etc/prosody/certs/localhost.{crt,key}, but does this in a fragile way.
They're created as symlinks, but the call to ln is guarded by "test -e",
which doesn't actually test for the existence of a symlink, and returns
false if the symlink exists but is dangling.
It seems to me these links should only be created on first install, if
anything, and not re-created at each postinst invocation, especially if
the actual configuration doesn't use it.
The recent security updates resulted in:
> Setting up prosody (0.11.9-2+deb11u2) ...
> ln: failed to create symbolic link '/etc/prosody/certs/localhost.crt': File exists
> dpkg: error processing package prosody (--configure):
> installed prosody package post-installation script subprocess returned error exit status 1
until I went and manually deleted the dangling symlinks.
Cheers,
Julien
More information about the Pkg-xmpp-devel
mailing list