Project

General

Profile

Actions
Copy link

Bug #35335

closed

/etc/pki/katello/certs/katello-server-ca.crt deployed with too strict permissions

Added by Evgeni Golov over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
2115775
Pull request:
https://github.com/theforeman/puppet-certs/pull/403
Fixed in Releases:
Foreman - 3.4.0
Found in Releases:
Foreman - 3.1.0, Foreman - 3.1.1, Foreman - 3.1.2, Foreman - 3.1.3, Foreman - 3.2.0, Foreman - 3.2.1, Foreman - 3.2.2, Foreman - 3.3.0, Foreman - 3.3.1
Red Hat JIRA:

Description

right now, the file is deployed as:

# ls -ld /etc/pki/katello/certs/katello-server-ca.crt
-r--r-----. 1 root foreman 2533 Aug  4 13:59 /etc/pki/katello/certs/katello-server-ca.crt

which means it can't be read by users outside the foreman group (and root).

but there is actually nothing private in that file, so we can loosen the restriction a bit

Actions
Copy link

Also available in: Atom PDF