either create a cert group and give that group permission to the certs, or add a handler to distribute the cert+key on renew to your service’s folder, and change owner/group to whats relevant to the service
-rw-rwxr-- 1 root certgroup 2864 Jul 14 01:07 fullchain1.pem
-rw-rwxr-- 1 root certgroup 241 Jul 14 01:07 privkey1.pem
What if I have such permissions, but coturn still can’t access to files?
First of all you'd need to make sure that coturn is in the "certgroup" group. Or it won't help.
Secondly, those are just the two files. "certgroup" might still be unable to open them if the directory permissions don't allow opening the directory in the first place. And we can't tell from just the two lines. Make sure all the parent directories also allow traversing to that location. "rX" are required to read and open a directory.
What if I created new directory and copy one of certificate there(manually, using nano), then I gave all permissions to folder and this certificate, but coturn still can’t access this cert?
Oisteink@feddit.nl 4 months ago
either create a cert group and give that group permission to the certs, or add a handler to distribute the cert+key on renew to your service’s folder, and change owner/group to whats relevant to the service
someoneFromInternet@lemmy.ml 4 months ago
-rw-rwxr-- 1 root certgroup 2864 Jul 14 01:07 fullchain1.pem -rw-rwxr-- 1 root certgroup 241 Jul 14 01:07 privkey1.pem What if I have such permissions, but coturn still can’t access to files?
hendrik@palaver.p3x.de 4 months ago
First of all you'd need to make sure that coturn is in the "certgroup" group. Or it won't help.
Secondly, those are just the two files. "certgroup" might still be unable to open them if the directory permissions don't allow opening the directory in the first place. And we can't tell from just the two lines. Make sure all the parent directories also allow traversing to that location. "rX" are required to read and open a directory.
someoneFromInternet@lemmy.ml 4 months ago
What if I created new directory and copy one of certificate there(manually, using nano), then I gave all permissions to folder and this certificate, but coturn still can’t access this cert?