[Engine-patches] Change in ovirt-engine[master]: pki: set ownership of apache key to root

Alon Bar-Lev Wed, 27 Mar 2013 14:32:27 -0700

Alon Bar-Lev has uploaded a new change for review.

Change subject: pki: set ownership of apache key to root
......................................................................


pki: set ownership of apache key to root

Apache reads the keys before dropping privileges, correct permissions
are read by root.

Change-Id: I7f3ab38f6e3f4e03244878877d4bab0fd72bc3c4
Signed-off-by: Alon Bar-Lev <alo...@redhat.com>
---
M packaging/fedora/setup/engine-setup.py
M packaging/fedora/setup/engine-upgrade.py
2 files changed, 4 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/81/13381/1

diff --git a/packaging/fedora/setup/engine-setup.py 
b/packaging/fedora/setup/engine-setup.py
index 4f63853..ba7e777 100755
--- a/packaging/fedora/setup/engine-setup.py
+++ b/packaging/fedora/setup/engine-setup.py
@@ -917,9 +917,9 @@
     # Update keystore permissions
     utils.chownToEngine(basedefs.FILE_JBOSS_KEYSTORE)
     os.chmod(basedefs.FILE_JBOSS_KEYSTORE, 0640)
-    os.chown(basedefs.FILE_APACHE_KEYSTORE, utils.getUsernameId("apache"), 
utils.getGroupId("apache"))
+    os.chown(basedefs.FILE_APACHE_KEYSTORE, utils.getUsernameId("root"), 
utils.getGroupId("root"))
     os.chmod(basedefs.FILE_APACHE_KEYSTORE, 0640)
-    os.chown(basedefs.FILE_APACHE_PRIVATE_KEY, utils.getUsernameId("apache"), 
utils.getGroupId("apache"))
+    os.chown(basedefs.FILE_APACHE_PRIVATE_KEY, utils.getUsernameId("root"), 
utils.getGroupId("root"))
     os.chmod(basedefs.FILE_APACHE_PRIVATE_KEY, 0640)
 
 def _updateCaCrtTemplate():
diff --git a/packaging/fedora/setup/engine-upgrade.py 
b/packaging/fedora/setup/engine-upgrade.py
index c605c96..5b2383b 100755
--- a/packaging/fedora/setup/engine-upgrade.py
+++ b/packaging/fedora/setup/engine-upgrade.py
@@ -490,8 +490,8 @@
                 utils.copyFile(
                     src,
                     dst,
-                    utils.getUsernameId("apache"),
-                    utils.getGroupId("apache"),
+                    utils.getUsernameId("root"),
+                    utils.getGroupId("root"),
                     0640
                 )
             except OSError:


--
To view, visit http://gerrit.ovirt.org/13381
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I7f3ab38f6e3f4e03244878877d4bab0fd72bc3c4
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

[Engine-patches] Change in ovirt-engine[master]: pki: set ownership of apache key to root

Reply via email to