Autor: Graeme Fowler Data: Para: exim-users Assunto: Re: [exim] A study of failing tls certs,
with valid certificate files
On 9 Jan 2023, at 12:05, Jeremy Harris via Exim-users <exim-users@???> wrote: > It wouldn't be an OpenSSL change. Exim (since 4.95) on both Linux
> and FreeBSD platforms[*] sets a watch on the relevant directories and files,
> and (supposedly) reloads certs when they change. Best guess is that
> this mechanism failed for some reasons.
Could it be that the path - a symlink to a symlink to a file - wasn't fully dereferenced, so from Exim's perspective the file hadn't changed? ISTR that inotofy used to (many years ago), but that was changed somwhere in the kernel 2.x days.
[searches...]
Perhaps. Although I did find a bug (2909) and the commit to fix it (a1ec98d). If I'm reading the Fedora changelog properly, that commit is not in the RPM the OP is running because it post-dates the 4.96 release. Although it's unclear if it'll fix the issue cleanly, because there are two symlinks before the actual file!