FreeBSd-13.2p9 (jail)

Name           : p5-openxpki
Version        : 3.24.2

Using the service command to restart the openxpkid daemon results in permission and ownership changes to files and directories that render the webui unusable:

example:
```
for F in \
  "/usr/local/etc/openxpki/webui/default.conf" \
  "/usr/local/etc/openxpki/webui/" \
  "/usr/local/etc/openxpki/" \
  "/usr/local/etc/openxpki/config.d" \
  "/usr/local/etc/openxpki/local/" \
  "/var/log/openxpki/webui.log"; 
do 
  ls -ld $F; 
done

-rw-r--r--  1 openxpki  openxpki  4781 Feb 23 09:51 /usr/local/etc/openxpki/webui/default.conf
drwxr-xr-x  2 openxpki  openxpki  3 Feb 23 09:51 /usr/local/etc/openxpki/webui/
drwxr-xr-x  13 openxpki  openxpki  21 Feb 23 12:37 /usr/local/etc/openxpki/
drwxr-x---  5 openxpki  openxpki  5 Feb  7 11:29 /usr/local/etc/openxpki/config.d
drwxr-x---  3 openxpki  openxpki  3 Feb  7 11:50 /usr/local/etc/openxpki/local/
-rw-rw----  1 www  www  16601 Mar  5 13:00 /var/log/openxpki/webui.log

 openxpkictl restart
Stopping OpenXPKI
Stopping gracefully, 3 (sub)processes remaining...
DONE.
Starting OpenXPKI Community Edition v3.24.2
try/catch is experimental at /usr/local/lib/perl5/site_perl/OpenXPKI/Server/Init.pm line 103.
try/catch is experimental at /usr/local/lib/perl5/site_perl/OpenXPKI/Server/Init.pm line 107.
OpenXPKI Server is running and accepting requests.
DONE.

for F in \
  "/usr/local/etc/openxpki/webui/default.conf" \
  "/usr/local/etc/openxpki/webui/" \
  "/usr/local/etc/openxpki/" \
  "/usr/local/etc/openxpki/config.d" \
  "/usr/local/etc/openxpki/local/" \
  "/var/log/openxpki/webui.log"; 
do 
  ls -ld $F; 
done

-rw-r--r--  1 openxpki  openxpki  4781 Feb 23 09:51 /usr/local/etc/openxpki/webui/default.conf
drwxr-xr-x  2 openxpki  openxpki  3 Feb 23 09:51 /usr/local/etc/openxpki/webui/
drwxr-xr-x  13 openxpki  openxpki  21 Feb 23 12:37 /usr/local/etc/openxpki/
drwxr-x---  5 openxpki  openxpki  5 Feb  7 11:29 /usr/local/etc/openxpki/config.d
drwxr-x---  3 openxpki  openxpki  3 Feb  7 11:50 /usr/local/etc/openxpki/local/
-rw-rw----  1 www  www  16601 Mar  5 13:00 /var/log/openxpki/webui.log

service openxpki onerestart
Service dirs recreated...
Executing: USER=openxpki /usr/local/bin/openxpkictl --config /usr/local/etc/openxpki/config.d restart
Stopping OpenXPKI
Stopping gracefully, 4 (sub)processes remaining...
DONE.
Starting OpenXPKI Community Edition v3.24.2
try/catch is experimental at /usr/local/lib/perl5/site_perl/OpenXPKI/Server/Init.pm line 103.
try/catch is experimental at /usr/local/lib/perl5/site_perl/OpenXPKI/Server/Init.pm line 107.
OpenXPKI Server is running and accepting requests.
DONE.

for F in \
  "/usr/local/etc/openxpki/webui/default.conf" \
  "/usr/local/etc/openxpki/webui/" \
  "/usr/local/etc/openxpki/" \
  "/usr/local/etc/openxpki/config.d" \
  "/usr/local/etc/openxpki/local/" \
  "/var/log/openxpki/webui.log"; 
do 
  ls -ld $F; 
done
-rwxr-xr--  1 openxpki  openxpki  4781 Feb 23 09:51 /usr/local/etc/openxpki/webui/default.conf
drwxr-xr--  2 openxpki  openxpki  3 Feb 23 09:51 /usr/local/etc/openxpki/webui/
drwxr-xr--  13 openxpki  openxpki  21 Feb 23 12:37 /usr/local/etc/openxpki/
drwxr-xr--  5 openxpki  openxpki  5 Feb  7 11:29 /usr/local/etc/openxpki/config.d
drwxr-xr--  3 openxpki  openxpki  3 Feb  7 11:50 /usr/local/etc/openxpki/local/
-rw-rw----  1 openxpki  openxpki  17010 Mar  5 14:57 /var/log/openxpki/webui.log

```

Using service instead of openxpkictl results in the permissions of directories losing the o+x capability and the owner of webui.log being changed to openxpki:openxpki from www:www.

When the permissions are changed the webui fails to start and the error logged is:

webui.fcgi: Can't open config file '/usr/local/etc/openxpki/webui/default.conf' (permission denied) 

When the owner of webui.log is changed webui also fails to start and the error logged is:

webui.fcgi: Can't sysopen /var/log/openxpki/webui.log (Permission denied)