Browse Source

Avoid stig failures when installing xmpp

Bob Mottram 7 years ago
parent
commit
a4e25d5dc0
1 changed files with 11 additions and 0 deletions
  1. 11
    0
      src/freedombone-app-xmpp

+ 11
- 0
src/freedombone-app-xmpp View File

@@ -1051,6 +1051,17 @@ function install_xmpp {
1051 1051
     chmod -R 700 /etc/prosody/conf.d
1052 1052
     usermod -a -G www-data prosody
1053 1053
 
1054
+    # Avoid STIG failures
1055
+    if [ -f /usr/lib/ssl/private/xmpp.key ]; then
1056
+        chown root:root /usr/lib/ssl/private/xmpp.key
1057
+    fi
1058
+    if [ -f /usr/lib/ssl/certs/xmpp.crt ]; then
1059
+        chown root:root /usr/lib/ssl/certs/xmpp.crt
1060
+    fi
1061
+    if [ -f /usr/lib/ssl/certs/xmpp.dhparam ]; then
1062
+        chown root:root /usr/lib/ssl/certs/xmpp.dhparam
1063
+    fi
1064
+
1054 1065
     if [ -d /etc/letsencrypt ]; then
1055 1066
         usermod -a -G ssl-cert prosody
1056 1067
     fi