[Engine-patches] Change in ovirt-engine[master]: pki: install private directories not world readable

Wed, 30 Jan 2013 14:47:51 -0800 

Alon Bar-Lev has uploaded a new change for review.

Change subject: pki: install private directories not world readable
......................................................................

pki: install private directories not world readable

This will enable to drop the permission change at
setup.

Change-Id: I9928cff3f16633e2bea8064b6ee9672f5043fab0
Signed-off-by: Alon Bar-Lev <alo...@redhat.com>
---
M Makefile
M packaging/fedora/spec/ovirt-engine.spec.in
2 files changed, 4 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/78/11578/1

diff --git a/Makefile b/Makefile
index 0a0dfb0..2d781f9 100644
--- a/Makefile
+++ b/Makefile
@@ -335,8 +335,8 @@
 
 install_sec:
        install -dm 755 $(DESTDIR)$(PKG_PKI_DIR)/certs
-       install -dm 755 $(DESTDIR)$(PKG_PKI_DIR)/keys
-       install -dm 755 $(DESTDIR)$(PKG_PKI_DIR)/private
+       install -dm 750 $(DESTDIR)$(PKG_PKI_DIR)/keys
+       install -dm 750 $(DESTDIR)$(PKG_PKI_DIR)/private
        install -dm 755 $(DESTDIR)$(PKG_PKI_DIR)/requests
 
        # Configuration files:
diff --git a/packaging/fedora/spec/ovirt-engine.spec.in 
b/packaging/fedora/spec/ovirt-engine.spec.in
index a76530c..4e674e1 100644
--- a/packaging/fedora/spec/ovirt-engine.spec.in
+++ b/packaging/fedora/spec/ovirt-engine.spec.in
@@ -671,8 +671,8 @@
 # create files inside:
 %dir %attr(-, %{engine_user}, %{engine_group}) %{engine_pki}
 %dir %attr(-, %{engine_user}, %{engine_group}) %{engine_pki}/certs
-%dir %attr(-, %{engine_user}, %{engine_group}) %{engine_pki}/keys
-%dir %attr(-, %{engine_user}, %{engine_group}) %{engine_pki}/private
+%dir %attr(0750, %{engine_user}, %{engine_group}) %{engine_pki}/keys
+%dir %attr(0750, %{engine_user}, %{engine_group}) %{engine_pki}/private
 %dir %attr(-, %{engine_user}, %{engine_group}) %{engine_pki}/requests
 
 # PKI scripts:


--
To view, visit http://gerrit.ovirt.org/11578
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I9928cff3f16633e2bea8064b6ee9672f5043fab0
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to