zmeventnotification and letsencrypt permission issues

Discussion topics related to mobile applications and ZoneMinder Event Server (including machine learning)
Post Reply
SkippyDo
Posts: 219
Joined: Mon Nov 20, 2017 6:49 pm

zmeventnotification and letsencrypt permission issues

Post by SkippyDo »

Original installation makes note of permission issues with letsencrypt. I have found that permission issues pop back up every time that letsencrypt renewal occurs: zmeventnotification.pl exits with a permission denied error. Is there a way to resolve this w/o having to discover the issue and manually correct (change permission on private key)?

OS: Debian 10.

Owner needs to be www-data (letsencrypt creates new private keys with owner "root," mode 0700).
User avatar
asker
Posts: 1553
Joined: Sun Mar 01, 2015 12:12 pm

Re: zmeventnotification and letsencrypt permission issues

Post by asker »

This seems to be a recurring topic in letsencrypt forums. I haven’t research or tried but when I did a search I came up with posts that talk about a deploy script for LE that basically changes permissions. These scripts get triggered by LE automatically when certs are renewed.

There are many posts - I read this https://community.letsencrypt.org/t/how ... ces/2690/9
I no longer work on zmNinja, zmeventnotification, pyzm or mlapi. I may respond on occasion based on my available time/interest.

Please read before posting:
How to set up logging properly
How to troubleshoot and report - ES
How to troubleshoot and report - zmNinja
ES docs
zmNinja docs
SkippyDo
Posts: 219
Joined: Mon Nov 20, 2017 6:49 pm

Re: zmeventnotification and letsencrypt permission issues

Post by SkippyDo »

Many thanks! That got me pointed in the right direction.

More info on letsencrypt and cert renewals:

https://certbot.eff.org/docs/using.html ... rtificates

Looks like I only need to create a simple script to change the owner on the newly created privkey file (to www-data) and locate the script in the 'deploy' directory.
Post Reply