X-Git-Url: http://ftp.carnet.hr/pub/carnet-debian/scm?a=blobdiff_plain;f=debian%2Fpostinst;h=a3d415098d95dc5a442a86dd888919d0af5c12ee;hb=a629034858292de78bd7f037c9e6ce89f5ee50f4;hp=d0f161d8582c99ba610fadca45191aee8679ed1f;hpb=b5e4cb91d48b27bc0c0c750fd4622a063ffe1946;p=bacula-cn.git

diff --git a/debian/postinst b/debian/postinst
index d0f161d..a3d4150 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -52,7 +52,7 @@ Director {
   # directors to verify the authenticity of this file daemon
   TLS Certificate = "/etc/bacula/bacula-fd.pem"
   TLS Key = "/etc/bacula/bacula-fd.pem"
-  TLS DH File = "/etc/bacula/dh1024.pem"
+  TLS DH File = "/etc/bacula/dh2048.pem"
 }
 
 #
@@ -131,7 +131,7 @@ EOF
 }
 
 generate_dh() {
-    DH_FILE=/etc/bacula/dh1024.pem
+    DH_FILE=/etc/bacula/dh2048.pem
 
     if [ -s $DH_FILE ]; then
         echo $DH_FILE already exists, skipping.
@@ -139,7 +139,9 @@ generate_dh() {
         umask 077
 
         echo Generating $DH_FILE
-        openssl dhparam -out $DH_FILE -5 1024
+        ###openssl dhparam -out $DH_FILE -5 1024
+        openssl dhparam -out $DH_FILE -2 2048
+ 	
     fi
 }
 
@@ -256,6 +258,10 @@ EOF
     # cleanup
     rm -f $DF_FILE $DB_FILE $FD_FILE $PEM_FILE
 
+    ### fix privileges 
+    chown root:bacula /etc/bacula/bacula-fd.pem /etc/bacula/bacula-fd.conf /etc/bacula/bconsole.conf
+    chmod 640 /etc/bacula/bacula-fd.pem /etc/bacula/bacula-fd.conf /etc/bacula/bconsole.conf  
+
     # report problems
     if [ ! -e $REQUEST_FILE ]; then
         db_input high bacula-cn/request-failed || true