From 44ac0518349d8ed07581054ede66803161d06da3 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Wed, 12 Sep 2018 16:59:48 +0200
Subject: [PATCH] acme-sh: fix the unattended scripts. They failed to fix the
 permissions, so the certificate renewal would fail.

---
 letsencrypt-acme-sh-client/files/acme-sh-cron-script   | 4 +++-
 letsencrypt-acme-sh-client/files/acme-sh-install-certs | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/letsencrypt-acme-sh-client/files/acme-sh-cron-script b/letsencrypt-acme-sh-client/files/acme-sh-cron-script
index dafbe4dc..4af87ef8 100644
--- a/letsencrypt-acme-sh-client/files/acme-sh-cron-script
+++ b/letsencrypt-acme-sh-client/files/acme-sh-cron-script
@@ -12,10 +12,12 @@ else
     exit 1
 fi
 
-su - acme -s /bin/bash -c '/usr/local/bin/acme-sh-cron-command'
+chown -R acme:acme "$ACME_SH_HOME"
+sudo -u acme -s /bin/bash /usr/local/bin/acme-sh-cron-command
 
 if [ "$ACME_SH_INSTALL_CERTS" == "True" ] ; then
     $ACME_SH_BIN $ACME_SH_INSTALL_CERT_REQUEST > "$ACME_SH_INSTALL_LOG_FILE" 2>&1
+    chown -R acme:acme "$ACME_SH_HOME"
 fi
 
 exit $?
diff --git a/letsencrypt-acme-sh-client/files/acme-sh-install-certs b/letsencrypt-acme-sh-client/files/acme-sh-install-certs
index 283887b9..b3d1d3e7 100644
--- a/letsencrypt-acme-sh-client/files/acme-sh-install-certs
+++ b/letsencrypt-acme-sh-client/files/acme-sh-install-certs
@@ -18,5 +18,6 @@ if [ -d "$ACME_SH_HOME/keys/fakeselfsignedcert" -a -d "$ACME_SH_HOME/certs/fakes
 fi
 
 $ACME_SH_BIN $ACME_SH_INSTALL_CERT_REQUEST > "$ACME_SH_INSTALL_LOG_FILE" 2>&1
+chown -R acme:acme "$ACME_SH_HOME"
 
 exit $?