When I sshed into my server today, it said I had mail. I checked /var/mail/{myuser} and got a mail from caddy. The title was “SECURITY information for {hostname}”. The message was this.
caddy : user NOT in sudoers ; PWD=/ ; USER=root ; COMMAND=/usr/bin/tee /usr/local/share/ca-certificates/Caddy_Local_Authority_-_2025_ECC_Root_31435960950297150297199787413716908247066220.crt
I’m still learning this self-hosting thing, I know enough to set stuff up but I still know barely anything about security, and the message looks kinda scary, so I would like to know what it means, thanks in advance. Note that I was messing around with Caddy and stuff yesterday, so maybe that has something to do with it, but I’m not sure.
You’re likely looking for this docs section for Caddy. The failure is the automated request to populate Caddy’s root CA cert to the host system, but obviously failed as it doesn’t have root permissions. As the docs state, if you intend to use the local HTTPS functionality of Caddy, you can manually run
caddy trustprivileged in order to populate the Caddy root CA cert manually. If you intend to disable the local HTTPS functionality (such as if you’re running Caddy behind a http reverse proxy), you can ignore the mail message.Thanks for clearing my anxieties :) Sometimes I feel an irrational fear that perhaps someone has broken into my server because of my lack of security knowledge, so having that mail come in was very anxiety inducing.