Set Least Previliage for .PEM files under directory /etc/genesis.

We don't have the ability to coordinate custom user ids in a safe way across different container yet.this is a bandaid fix and will be addressed properly later Change-Id: I5e211f80a9402c5fafbc614ec58e481106632681
2019-03-04 08:25:15 -06:00 · 2019-03-04 08:25:15 -06:00 · 9628da8cf4
parent 7c9b2253f1
commit 9628da8cf4
1 changed files with 2 additions and 0 deletions
--- a/promenade/templates/scripts/genesis.sh
+++ b/promenade/templates/scripts/genesis.sh
@ -8,6 +8,8 @@ mkdir -p /var/log/armada
 touch /var/log/armada/bootstrap-armada.log
 chmod 777 /var/log/armada/bootstrap-armada.log

+chmod -R 600 /etc/genesis
+
 set +x
 log
 log === Waiting for Kubernetes API availablity ===