From c001620050e49cd6e364c1395380347d46f6373f Mon Sep 17 00:00:00 2001
From: Don Penney <don.penney@windriver.com>
Date: Mon, 15 Jul 2019 14:58:11 -0400
Subject: [PATCH] Restrict permissions on patching logfiles

This update sets restricted permissions on patching logfiles.

Change-Id: I922c6d278dc747c186288a15d12369bbddb40bea
Partial-Bug: 1836632
Signed-off-by: Don Penney <don.penney@windriver.com>
---
 cgcs-patch/centos/build_srpm.data                   | 2 +-
 cgcs-patch/cgcs-patch/cgcs_patch/patch_functions.py | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/cgcs-patch/centos/build_srpm.data b/cgcs-patch/centos/build_srpm.data
index 6284e232..7323fa4e 100644
--- a/cgcs-patch/centos/build_srpm.data
+++ b/cgcs-patch/centos/build_srpm.data
@@ -1 +1 @@
-TIS_PATCH_VER=27
+TIS_PATCH_VER=28
diff --git a/cgcs-patch/cgcs-patch/cgcs_patch/patch_functions.py b/cgcs-patch/cgcs-patch/cgcs_patch/patch_functions.py
index 7aa7b4ab..22c75055 100644
--- a/cgcs-patch/cgcs-patch/cgcs_patch/patch_functions.py
+++ b/cgcs-patch/cgcs-patch/cgcs_patch/patch_functions.py
@@ -83,11 +83,19 @@ def configure_logging(logtofile=True, level=logging.INFO):
         main_log_handler = logging.FileHandler(logfile)
         main_log_handler.setFormatter(formatter)
         LOG.addHandler(main_log_handler)
+        try:
+            os.chmod(logfile, 0o640)
+        except Exception:
+            pass
 
         auditLOG.setLevel(level)
         api_log_handler = logging.FileHandler(apilogfile)
         api_log_handler.setFormatter(formatter)
         auditLOG.addHandler(api_log_handler)
+        try:
+            os.chmod(apilogfile, 0o640)
+        except Exception:
+            pass
 
         # Log uncaught exceptions to file
         sys.excepthook = handle_exception