Am 13.01.2013 um 18:13 schrieb Christian Rößner <cr@sys4.de>:
6537 1020 open("/etc/ssl/private/mx0.roessner-net.de.key.pem", O_RDONLY) = -1 EACCES (Permission denied)
I had messed up ACLs for this file. After creating private and key again with correct setfacl command, everything works as expected. Sorry for the noice, but this was really hard to find out.
Wrong:
getfacl private/
file: private
owner: root
group: ssl-cert
flags: -s-
user::rwx user:amavis:r-x group::--- mask::r-x other::---
Right:
getfacl private/
file: private/
owner: root
group: ssl-cert
user::rwx user:amavis:r-x group::r-x mask::r-x other::---
So as you can see the group settings got lost…
Thanks
-Christian Rößner
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich