1 |
On 17/06/17 11:47, Sven Vermeulen wrote: |
2 |
> I generally try to make sure that it is the right domain before adding the |
3 |
> privilege. In the denial, the command that is being denied access is |
4 |
> "ca-certificates". Is that a script from ddclient, or does ddclient trigger |
5 |
> an (external) script and should we perhaps look at a potential domain |
6 |
> transition here? |
7 |
|
8 |
Hi and thanks for the reply. |
9 |
|
10 |
I had assumed this was the file of that name in /etc/ssl/certs but your |
11 |
comment made me check the inode and I was wrong. It is actually a |
12 |
directory "/usr/share/ca-certificates" which also has the "cert_t" |
13 |
context. There is no script by that name associated with ddclient so I |
14 |
guess ddclient is trying to (via openssl) access this directory/path? |
15 |
|
16 |
Robert |