update permission of paste config to 600

to ensure that any system users cannot read
credentials stored in the file.
This commit is contained in:
Dan Bode 2013-03-20 15:20:04 -07:00
parent c3515c93e3
commit 7d07f23914
2 changed files with 11 additions and 1 deletions

View File

@ -37,7 +37,9 @@ class cinder::base (
mode => '0600',
}
file { $::cinder::params::cinder_paste_api_ini: }
file { $::cinder::params::cinder_paste_api_ini:
mode => '0600',
}
# Temporary fixes
file { ['/var/log/cinder', '/var/lib/cinder']:

View File

@ -40,5 +40,13 @@ describe 'cinder::base' do
)
end
it { should contain_file('/etc/cinder/cinder.conf').with(
:mode => '0600'
) }
it { should contain_file('/etc/cinder/api-paste.ini').with(
:mode => '0600'
) }
end
end