Restrict access to certificate files
The certificate files don't need x bits. Also these files, especially the private key file should have very restricted access. Closes-Bug: #2049203 Change-Id: I3f4cf18b70420a509ad971fea32277a7a9b59dc3
This commit is contained in:
parent
869993e13a
commit
a382404ddd
|
@ -188,7 +188,7 @@ class octavia::certificates (
|
|||
content => $ca_private_key_data,
|
||||
group => $file_permission_owner,
|
||||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
mode => '0640',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
|
@ -207,7 +207,7 @@ class octavia::certificates (
|
|||
content => $client_ca_data,
|
||||
group => $file_permission_owner,
|
||||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
mode => '0640',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
|
@ -229,7 +229,7 @@ class octavia::certificates (
|
|||
content => $client_cert_data,
|
||||
group => $file_permission_owner,
|
||||
owner => $file_permission_group,
|
||||
mode => '0755',
|
||||
mode => '0640',
|
||||
replace => true,
|
||||
show_diff => false,
|
||||
tag => 'octavia-certificate',
|
||||
|
|
|
@ -100,7 +100,7 @@ describe 'octavia::certificates' do
|
|||
'content' => 'on_my_authority_this_is_a_certificate',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'mode' => '0640',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
|
@ -110,7 +110,7 @@ describe 'octavia::certificates' do
|
|||
'content' => 'this_is_my_private_key_woot_woot',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'mode' => '0640',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
|
@ -120,7 +120,7 @@ describe 'octavia::certificates' do
|
|||
'content' => 'certainly_for_the_client',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'mode' => '0640',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
|
@ -167,7 +167,7 @@ describe 'octavia::certificates' do
|
|||
'content' => 'on_my_authority_this_is_a_certificate',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'mode' => '0640',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
|
@ -177,7 +177,7 @@ describe 'octavia::certificates' do
|
|||
'content' => 'this_is_my_private_key_woot_woot',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'mode' => '0640',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
|
@ -187,7 +187,7 @@ describe 'octavia::certificates' do
|
|||
'content' => 'certainly_for_the_client',
|
||||
'owner' => 'octavia',
|
||||
'group' => 'octavia',
|
||||
'mode' => '0755',
|
||||
'mode' => '0640',
|
||||
'replace' => true,
|
||||
'show_diff' => false,
|
||||
'tag' => 'octavia-certificate',
|
||||
|
|
Loading…
Reference in New Issue