Diff Detail
Diff Detail
- Repository
- rP FreeBSD ports repository
- Lint
No Lint Coverage - Unit
No Test Coverage - Build Status
Buildable 6662 Build 6880: arc lint + arc unit
Event Timeline
Comment Actions
Sorry to leave this laying around for so long...
The whole premise of acme-client is that it runs as root but drops privileges for any operation that doesn't require root.
Check the documentation on https://kristaps.bsd.lv/acme-client/
Your change only changes the user that root drops privs to. I don't see any value in that, am I missing something?
Comment Actions
The rationale is that it does not use the "shared" nobody. I have disabled outgoing network traffic on my server, and having a separate user for acme-client allows to whitelist that user and therefore that "service" only.
Comment Actions
Understood. Do you already have this running on your systems?
It will take me a while before I have certs that need to renew ๐