Project

General

Profile

Feature #29255

Set Foreman plugin config file permissions to 0640

Added by Ewoud Kohl van Wijngaarden 5 months ago. Updated 5 months ago.

Status:
Closed
Priority:
Normal
Category:
Foreman modules
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Config files might contain secrets such as credentials. Therefore they shouldn't be world readable.

The katello config is such an example and is currently replicating foreman::plugin. commit:9c1787ad19b2cae407b25958095ecbf78757a959 removed the other reason.

Associated revisions

Revision fb9f221d (diff)
Added by Ewoud Kohl van Wijngaarden 5 months ago

Fixes #29255 - Set plugin config file mode to 0640

This sets the config file mode to 0640 by default because they may
contain secrets such as credentials. To keep it readable for Foreman,
the group is modified to $foreman::group.

History

#1 Updated by The Foreman Bot 5 months ago

  • Assignee set to Ewoud Kohl van Wijngaarden
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-foreman/pull/807 added

#2 Updated by The Foreman Bot 5 months ago

  • Fixed in Releases 2.1.0 added

#3 Updated by Ewoud Kohl van Wijngaarden 5 months ago

  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF