diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-25 01:41:59 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-25 10:30:22 +0100 |
| commit | 9a8f705eddd18ccc9a24fe0e7efe6b5a87b2be09 (patch) | |
| tree | b2adb720a6201660d9000c1990e82479b4649a50 /tests/drop-privileges | |
| parent | f09c95ea97c9bdee92f7c7622689aed540373a73 (diff) | |
lacme: pass a temporary JSON file with the client configuration to the internal client.
So it doesn't have to parse the INI file again. Also, while lacme.conf
is world-readable by default, one might restrict permissions and add
private information in there, not realizing that everything, including
comments, will be readable by the client.
Diffstat (limited to 'tests/drop-privileges')
| -rw-r--r-- | tests/drop-privileges | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/drop-privileges b/tests/drop-privileges index fd432d9..8deb8f1 100644 --- a/tests/drop-privileges +++ b/tests/drop-privileges @@ -123,8 +123,8 @@ check_client() { grep -Exq "[0-9]+ 0700 $UID:$GID socket:\[[0-9]+\]" "$prefix/fd" || return 1 sed -ri '0,\#^[0-9]+ .* socket:\[[0-9]+\]$# {//d}' "$prefix/fd" - grep -Exq "[0-9]+ 0500 $UID:$GID /etc/lacme/lacme\.conf" "$prefix/fd" || return 1 - sed -ri '0,\#^[0-9]+ .* /etc/lacme/lacme\.conf$# {//d}' "$prefix/fd" + grep -Eq "^[0-9]+ 0500 $UID:$GID /tmp/lacme-client.conf\.json-" "$prefix/fd" || return 1 + sed -ri '0,\#^[0-9]+ .* /tmp/lacme-client.conf\.json-# {//d}' "$prefix/fd" ! test -s "$prefix/fd" || return 1 } check_webserver() { |