!49 [sync] PR-44: fix sendmail.pem unsafe

From: @openeuler-sync-bot Reviewed-by: @t_feng Signed-off-by: @t_feng
2022-12-15 11:02:34 +00:00 · 2022-12-15 11:02:34 +00:00 · f075616933
commit f075616933
parent 690d24c84b c59c68c311
1 changed files with 8 additions and 2 deletions
--- a/sendmail.spec
+++ b/sendmail.spec
@ -1,6 +1,6 @@
 Name:          sendmail
 Version:       8.17.1
-Release:       5
+Release:       6
 Summary:       A classic mail transfer agent from the Unix world
 License:       Sendmail
 URL:           http://www.sendmail.org/
@ -344,7 +344,7 @@ if [ ! -f %{_sysconfdir}/pki/tls/certs/sendmail.pem ]; then
    %{_bindir}/openssl req -new -key %{_sysconfdir}/pki/tls/private/sendmail.key -x509 -sha256 \
        -days 365 -set_serial $RANDOM -out %{_sysconfdir}/pki/tls/certs/sendmail.pem \
        -subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
-    chmod 644 %{_sysconfdir}/pki/tls/certs/sendmail.pem
+    chmod 600 %{_sysconfdir}/pki/tls/certs/sendmail.pem
 fi

 exit 0
@ -467,6 +467,12 @@ exit 0


 %changelog
+* Tue Dec 13 2022 xinghe <xinghe2@h-partners.com> - 8.17.1-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: fix sendmail.pem unsafe
+
 * Wed Oct 12 2022 yanglu<yanglu72@h-partners.com> - 8.17.1-5
 - Type:bugfix
 - ID:NA