Browse Source

Merge "Enforce 0600 permissions on an existing SSH private key file." into stable/train

changes/40/704340/1
Zuul 3 weeks ago
parent
commit
6501655ab1
1 changed files with 2 additions and 0 deletions
  1. +2
    -0
      tripleo_common/actions/ansible.py

+ 2
- 0
tripleo_common/actions/ansible.py View File

@@ -232,6 +232,7 @@ class AnsibleAction(actions.Action):
# NOTE(flaper87): if it's a path, use it
if (isinstance(self._ssh_private_key, six.string_types) and
os.path.exists(self._ssh_private_key)):
os.chmod(self._ssh_private_key, 0o600)
return self._ssh_private_key

path = os.path.join(self.work_dir, 'ssh_private_key')
@@ -462,6 +463,7 @@ class AnsiblePlaybookAction(base.TripleOAction):
# NOTE(flaper87): if it's a path, use it
if (isinstance(self._ssh_private_key, six.string_types) and
os.path.exists(self._ssh_private_key)):
os.chmod(self._ssh_private_key, 0o600)
return self._ssh_private_key

path = os.path.join(self.work_dir, 'ssh_private_key')

Loading…
Cancel
Save