Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#927444: matrix-synapse: homeserver.signing.key is created only when "Name of the server" is defined at install time
104 views
Skip to first unread message
sergio
Apr 19, 2019, 7:20:03 PM4/19/19
to
Package: matrix-synapse
Version: 0.99.2-3
Severity: normal
/tmp/reportbug-matrix-synapse-backup-20190420-3493-4ct245d0
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (800, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.0.0-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages matrix-synapse depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii libjs-jquery 3.3.1~dfsg-1
ii libpython3-stdlib 3.7.3-1
ii lsb-base 10.2019031300
ii python3 3.7.3-1
ii python3-attr 18.2.0-1
ii python3-bcrypt 3.1.6-1
ii python3-canonicaljson 1.1.4-2
ii python3-daemonize 2.4.7-2
ii python3-distutils 3.7.3-1
ii python3-frozendict 1.2-1
ii python3-jsonschema 2.6.0-4
ii python3-msgpack 0.5.6-1+b1
ii python3-nacl 1.3.0-2
ii python3-netaddr 0.7.19-1
ii python3-openssl 19.0.0-1
ii python3-phonenumbers 8.9.10-1
ii python3-pil 5.4.1-2
ii python3-prometheus-client 0.6.0-1
ii python3-psutil 5.5.1-1
ii python3-pyasn1 0.4.2-3
ii python3-pyasn1-modules 0.2.1-0.2
ii python3-pymacaroons 0.13.0-2
ii python3-service-identity 16.0.0-2
ii python3-signedjson 1.0.0+git20151019-2
ii python3-six 1.12.0-1
ii python3-sortedcontainers 2.0.4-1
ii python3-systemd 234-2+b1
ii python3-treq 18.6.0-0.1
ii python3-twisted 18.9.0-3
ii python3-unpaddedbase64 1.1.0-4
ii python3-yaml 3.13-2
Versions of packages matrix-synapse recommends:
pn python3-bleach <none>
pn python3-jinja2 <none>
pn python3-lxml <none>
pn python3-psycopg2 <none>
Versions of packages matrix-synapse suggests:
pn python3-txacme <none>
-- debconf-show failed
Version: 0.99.2-3
Severity: normal
/tmp/reportbug-matrix-synapse-backup-20190420-3493-4ct245d0
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (800, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.0.0-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages matrix-synapse depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.71
ii libjs-jquery 3.3.1~dfsg-1
ii libpython3-stdlib 3.7.3-1
ii lsb-base 10.2019031300
ii python3 3.7.3-1
ii python3-attr 18.2.0-1
ii python3-bcrypt 3.1.6-1
ii python3-canonicaljson 1.1.4-2
ii python3-daemonize 2.4.7-2
ii python3-distutils 3.7.3-1
ii python3-frozendict 1.2-1
ii python3-jsonschema 2.6.0-4
ii python3-msgpack 0.5.6-1+b1
ii python3-nacl 1.3.0-2
ii python3-netaddr 0.7.19-1
ii python3-openssl 19.0.0-1
ii python3-phonenumbers 8.9.10-1
ii python3-pil 5.4.1-2
ii python3-prometheus-client 0.6.0-1
ii python3-psutil 5.5.1-1
ii python3-pyasn1 0.4.2-3
ii python3-pyasn1-modules 0.2.1-0.2
ii python3-pymacaroons 0.13.0-2
ii python3-service-identity 16.0.0-2
ii python3-signedjson 1.0.0+git20151019-2
ii python3-six 1.12.0-1
ii python3-sortedcontainers 2.0.4-1
ii python3-systemd 234-2+b1
ii python3-treq 18.6.0-0.1
ii python3-twisted 18.9.0-3
ii python3-unpaddedbase64 1.1.0-4
ii python3-yaml 3.13-2
Versions of packages matrix-synapse recommends:
pn python3-bleach <none>
pn python3-jinja2 <none>
pn python3-lxml <none>
pn python3-psycopg2 <none>
Versions of packages matrix-synapse suggests:
pn python3-txacme <none>
-- debconf-show failed
Russell Coker
Apr 7, 2022, 12:00:04 AM4/7/22
to
The way things currently work in 1.55.0-1~bpo11+1 is that the signing key is
created on daemon startup. This means that the daemon needs write access to
the configuration directory which it doesn't need during normal operation.
For the principle of least privilege I prefer to have all daemons running
without the need to modify their own configuration, which means having the
signing key created before the daemon starts.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
created on daemon startup. This means that the daemon needs write access to
the configuration directory which it doesn't need during normal operation.
For the principle of least privilege I prefer to have all daemons running
without the need to modify their own configuration, which means having the
signing key created before the daemon starts.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
0 new messages