Project

General

Profile

Bug #16941

installer does not check&fix wrong permissions on /etc/pki/pulp/rsa.key

Added by Stephen Benjamin almost 5 years ago. Updated about 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Installer
Target version:
Difficulty:
easy
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1334400
Description of problem:
User story: After manually fixing some SSL certificate files, and leaving /etc/pki/pulp/rsa.key owned by root:root, katello-installer was run to fix potential file permissions and ownership discrepancies. But this file was still owned by root:root while it must be owned by root:apache (otherwise half of pulp requests fail on file access error).

Please update installer such that it sets properly file ownership of /etc/pki/pulp/rsa.key .

Version-Release number of selected component (if applicable):
katello-installer-2.3.25-1.el7sat.noarch
pulp-server-2.6.0.20-1.el7sat.noarch

How reproducible:
100%

Steps to Reproduce:
1. Have installed Sat6
2. chown root:root /etc/pki/pulp/rsa.key
3. katello-installer
4. ll /etc/pki/pulp/rsa.key

Actual results:
Step 4. shows:

rw-r----. 1 root root 1679 May 7 15:40 /etc/pki/pulp/rsa.key

Expected results:
Step 4. to show:

rw-r----. 1 root apache 1679 May 7 15:40 /etc/pki/pulp/rsa.key

Additional info:
Not sure what other files can be affected by the same bug.

Associated revisions

Revision f2dfac63 (diff)
Added by Chris Roberts almost 5 years ago

Fixes #16941 - Check perms on Pulp key (#182)

History

#1 Updated by Justin Sherrill almost 5 years ago

  • Subject changed from installer does not check&fix wrong permissions on /etc/pki/pulp/rsa.key to installer does not check&fix wrong permissions on /etc/pki/pulp/rsa.key
  • Legacy Backlogs Release (now unused) set to 114

#2 Updated by Chris Roberts almost 5 years ago

  • Assignee set to Chris Roberts
  • Target version set to 147
  • Legacy Backlogs Release (now unused) changed from 114 to 184
  • Difficulty set to easy

#3 Updated by Chris Roberts almost 5 years ago

  • Legacy Backlogs Release (now unused) changed from 184 to 188

#4 Updated by Chris Roberts almost 5 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/puppet-pulp/pull/182 added

#5 Updated by Chris Roberts almost 5 years ago

  • Status changed from Ready For Testing to Resolved

Also available in: Atom PDF