|
@@ -1051,6 +1051,17 @@ function install_xmpp {
|
1051
|
1051
|
chmod -R 700 /etc/prosody/conf.d
|
1052
|
1052
|
usermod -a -G www-data prosody
|
1053
|
1053
|
|
|
1054
|
+ # Avoid STIG failures
|
|
1055
|
+ if [ -f /usr/lib/ssl/private/xmpp.key ]; then
|
|
1056
|
+ chown root:root /usr/lib/ssl/private/xmpp.key
|
|
1057
|
+ fi
|
|
1058
|
+ if [ -f /usr/lib/ssl/certs/xmpp.crt ]; then
|
|
1059
|
+ chown root:root /usr/lib/ssl/certs/xmpp.crt
|
|
1060
|
+ fi
|
|
1061
|
+ if [ -f /usr/lib/ssl/certs/xmpp.dhparam ]; then
|
|
1062
|
+ chown root:root /usr/lib/ssl/certs/xmpp.dhparam
|
|
1063
|
+ fi
|
|
1064
|
+
|
1054
|
1065
|
if [ -d /etc/letsencrypt ]; then
|
1055
|
1066
|
usermod -a -G ssl-cert prosody
|
1056
|
1067
|
fi
|