diff options
| author | Guilhem Moulin <guilhem@debian.org> | 2021-02-15 00:32:29 +0100 | 
|---|---|---|
| committer | Guilhem Moulin <guilhem@debian.org> | 2021-02-22 03:31:12 +0100 | 
| commit | a321c90db4a6d323f1a9bc06c4d861cee8868664 (patch) | |
| tree | 7804d619f5198b4387fb64b78f1742035d80fd78 /README | |
| parent | f08eeeed6abaea2d6dbe8fd801eb0acd187e23d0 (diff) | |
Use dedicated system users for internal components.
  * The internal webserver now runs as a dedicated system user _lacme-www
    (and group nogroup) instead of www-data:www-data.  This is configurable
    in the [webserver] section of the lacme(8) configuration file.
  * The internal ACME client now runs as a dedicated system user _lacme-client
    (and group nogroup) instead of nobody:nogroup.  This is configurable in
    the [client] section of the lacme(8) configuration file.
  * The _lacme-www and _lacme-client system users are created automatically by
    lacme.postinst (hence a new Depends: adduser), and deleted on purge.  (So
    make sure not to chown any file to these internal users.)
Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions
