On Fri, 2008-05-30 at 15:49 +0200, Dan Horák wrote:
Hi,
I have gone through the patches that are used in the Fedora package and probably only the "mkcert-permissions" [1] can be considered to be included upstream. It is dated into package version 1.0-0.beta2.3, but I cannot find any particular reason for the inclusion (like a bug in bugzilla, etc.).
Certificate file is public data, so chmoding it to 0600 doesn't really do any good. As for chowning the files to root:root, that's probably good if you use the script to generate certificates automatically, but I don't think the script should always do that since it may be run as non-root.
Some (winbind support, quota warnings) were obsoleted by dovecot 1.1, two are used for distro specific settings. So the only real patch that remains is the "pam_setcred" [2] patch that fixes https://bugzilla.redhat.com/show_bug.cgi?id=146198
Unnecessary (with v1.0 too). pam_setcred() is called only if setcred=yes is added to pam args.