|
|
@@ -135,6 +135,15 @@ unifi_deploy() {
|
|
|
cp -f "$_import_pkcs12" "$_unifi_keystore"
|
|
|
fi
|
|
|
|
|
|
+ # correct file ownership according to the directory, the keystore is placed in
|
|
|
+ _unifi_keystore_dir=$(dirname "${_unifi_keystore}")
|
|
|
+ _unifi_keystore_dir_owner=$(ls -ld "${_unifi_keystore_dir}" | awk '{print $3}')
|
|
|
+ _unifi_keystore_owner=$(ls -l "${_unifi_keystore}" | awk '{print $3}')
|
|
|
+ if ! [ "${_unifi_keystore_owner}" = "${_unifi_keystore_dir_owner}" ] ; then
|
|
|
+ _debug "Changing keystore owner to ${_unifi_keystore_dir_owner}"
|
|
|
+ chown $_unifi_keystore_dir_owner "${_unifi_keystore}" >/dev/null 2>&1 # fail quietly if we're not running as root
|
|
|
+ fi
|
|
|
+
|
|
|
# Update unifi service for certificate cipher compatibility
|
|
|
if ${ACME_OPENSSL_BIN:-openssl} pkcs12 \
|
|
|
-in "$_import_pkcs12" \
|
Alex