Tag Archives: #Fedora

SSL not working: certificate verify failed (18)

If your ssmtp persistently returns a “SSL not working: certificate verify failed (18)” in logs, and you do have “TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt” in your conf, and you do use a self-signed certificate, try adding the certificate in “/usr/share/pki/ca-trust-source/anchors/” (Fedora 22 directory, may vary for other distros) and then re-try the mailer agian.

Fedora 21 and the spirit of changes

While the infamous systemd brought into the Linux community through the gates of Fedora is in its peak of sowing, yet another sensitive detail regarding Fedora was recently brought to my attention: bitlord from LUGoNS noticed a supposed behaviour for 21 that he soon reported to the tracker:

https://fedorahosted.org/fesco/ticket/1337

To me, the most interesting part of the thread was the initial reaction of many of the community members, derogating the issue of a program (NetworkManager) pinging the world in a pretty conspirational manner.

Binding GNOME3 so tightly to fully linux-centric systemd (and vice-versa, making reserved space for GNOME3 manoeuvring inside systemd space) was an obvious demonstration of the force, but it was an open one, clearly visible from all points of interest. “A pinging service” within the NetworkManager is far less obvious, so if it becomes a model of incorporation of novelties for Fedora, it will become a very bitter vector of equally bitter change.

As Peter Mlakar once read for Laibach, I too do not like moralities and surely even less like to preach about moralities, but the ideas that becomes obsessed with moral values (and the distros that take the leadership away from technical persons just to give it to the lawyers) is now forcing me to do so.

Or I can quietly and completely switch to something I still consider sane, like OpenBSD…

Fedora’s SELinux prevents nginx to read and write in a directory

I’ve pulled a git repo in /srv/poligon through Eclipse, so I could avoid messing with the permissions for the home directory while testing the changes on the localhost, too. After setting the directory’s permissions, a localhost’s nginx still wasn’t able to access pages there; SELinux is set to “enforcing” by default in Fedora 20, so you’ll need another permissions’ setting for the directory:

chcon -R -t httpd_sys_rw_content_t /srv/poligon/

After this change, nginx should be able to pass the pages to php-fpm without problems on a SELinux enforcing host.