27 lines
992 B
Plaintext
27 lines
992 B
Plaintext
|
Disable chroot setting from default sample config. Using this requires more
|
||
|
|
tought from te user, including the logrotate configuration, and so it is
|
||
|
|
misleading to have it on as default.
|
||
|
|
|
||
|
|
This does not affect any current instalation, as this is only shipped as a
|
||
|
|
sample for users.
|
||
|
|
|
||
|
|
Index: stunnel4/tools/stunnel.conf-sample.in
|
||
|
|
===================================================================
|
||
|
|
--- stunnel4.orig/tools/stunnel.conf-sample.in
|
||
|
|
+++ stunnel4/tools/stunnel.conf-sample.in
|
||
|
|
@@ -9,10 +9,11 @@
|
||
|
|
|
||
|
|
; A copy of some devices and system files is needed within the chroot jail
|
||
|
|
; Chroot conflicts with configuration file reload and many other features
|
||
|
|
-chroot = @localstatedir@/lib/stunnel4/
|
||
|
|
+; Remember also to update the logrotate configuration.
|
||
|
|
+;chroot = @localstatedir@/lib/stunnel4/
|
||
|
|
; Chroot jail can be escaped if setuid option is not used
|
||
|
|
-setuid = stunnel4
|
||
|
|
-setgid = stunnel4
|
||
|
|
+;setuid = stunnel4
|
||
|
|
+;setgid = stunnel4
|
||
|
|
|
||
|
|
; PID is created inside the chroot jail
|
||
|
|
pid = /stunnel4.pid
|