[stunnel-users] stunnel4 user + permissions

nick.hoffman at altcall.com nick.hoffman at altcall.com
Tue Oct 4 01:03:49 CEST 2005


Hey guys, I've been using stunnel for a while and it's great. I've noticed
something that doesn't make much sense to me though, so I was wondering if
you might be able to shed some light.

Stunnel runs as user:group stunnel4:stunnel4. The server reads client
certs (for verify = 3) from /etc/stunnel/certs/ which is chown'd
root:ssl-certs and chmod'd 750. The client PEMs in that directory have the
same ownership and permissions. User stunnel4 is in the ssl-certs group.

When a client connects, the server is unable to read from
/etc/stunnel/certs/. If I change the ownership of the directory to
root:stunnel4 though, everything works. Any idea why this occurs?

Cheers,
Nick




More information about the stunnel-users mailing list