From f681baf4aedfd8754063236814e66fd3825d62ca Mon Sep 17 00:00:00 2001
From: Emilien Macchi <emilien@redhat.com>
Date: Mon, 4 Nov 2019 11:06:44 +0100
Subject: [PATCH] Mode 0750 for /var/log/containers

Logs should not be world-readable, they contain sensitive informations.

Change-Id: I97bdc6344816ca04e9afaeb939690aa367d4b33f
(cherry picked from commit de92a638f8bc8194024f5d6d8cd8352a3406dd5e)
---
 common/deploy-steps-tasks.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/common/deploy-steps-tasks.yaml b/common/deploy-steps-tasks.yaml
index c598ca7e21..f07b9c9576 100644
--- a/common/deploy-steps-tasks.yaml
+++ b/common/deploy-steps-tasks.yaml
@@ -26,6 +26,7 @@
             state: directory
             setype: var_log_t
             selevel: s0
+            mode: 0750
           tags:
             - host_config
             - container_config