From a321c90db4a6d323f1a9bc06c4d861cee8868664 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@debian.org>
Date: Mon, 15 Feb 2021 00:32:29 +0100
Subject: Use dedicated system users for internal components.

  * The internal webserver now runs as a dedicated system user _lacme-www
    (and group nogroup) instead of www-data:www-data.  This is configurable
    in the [webserver] section of the lacme(8) configuration file.
  * The internal ACME client now runs as a dedicated system user _lacme-client
    (and group nogroup) instead of nobody:nogroup.  This is configurable in
    the [client] section of the lacme(8) configuration file.
  * The _lacme-www and _lacme-client system users are created automatically by
    lacme.postinst (hence a new Depends: adduser), and deleted on purge.  (So
    make sure not to chown any file to these internal users.)
---
 debian/control | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'debian/control')

diff --git a/debian/control b/debian/control
index 91bdac2..07419a2 100644
--- a/debian/control
+++ b/debian/control
@@ -11,7 +11,8 @@ Vcs-Browser: https://salsa.debian.org/debian/lacme
 
 Package: lacme
 Architecture: all
-Depends: libconfig-tiny-perl,
+Depends: adduser,
+         libconfig-tiny-perl,
          libjson-perl,
          libnet-ssleay-perl,
          libtimedate-perl,
-- 
cgit v1.2.3