I ran into an issue recently where running this command:
doas -u acme uacme -v www.domain.com
resulted in the somewhat cryptic message:
uacme: failed to stat www.domain.com: Permission denied
This was a result of running uacme as an unprivileged user while in a directory to which it has no read-access (ie /root), which then causes this call to fail, since uacme doesn't know whether the single argument is for a CSR file or a domain name.
Would it be possible to check if the stat error is due to permission denied instead of just a missing file, or alternatively add an additional command-line flag to force uacme to treat the input as a domain name instead of a file? I think it would at least be good to have a better error message, since I assumed it was due to uacme not having access to one of the directories it needed for writing the certificates.
gjabell
commented
3 years ago
I ran into an issue recently where running this command:
resulted in the somewhat cryptic message:
This was a result of running uacme as an unprivileged user while in a directory to which it has no read-access (ie
/root), which then causes this call to fail, since uacme doesn't know whether the single argument is for a CSR file or a domain name.Would it be possible to check if the
staterror is due to permission denied instead of just a missing file, or alternatively add an additional command-line flag to force uacme to treat the input as a domain name instead of a file? I think it would at least be good to have a better error message, since I assumed it was due to uacme not having access to one of the directories it needed for writing the certificates.