Tighten file permissions of dispersion.conf
The dispersion.conf contains a password, and should be readable only by the swift user/group. The tool swift-dispersion-report also needs to read swift.conf, and that file has already a mode of 640 - thus it makes sense to use the same mode for this file. Change-Id: Ia6b3c807b3103983a2dd370aad95c709358f43cc
This commit is contained in:
parent
0e8c75e526
commit
e8f765dcde
@ -89,6 +89,7 @@ class swift::dispersion (
|
||||
ensure => file,
|
||||
owner => 'swift',
|
||||
group => 'swift',
|
||||
mode => '0640',
|
||||
}
|
||||
|
||||
swift_dispersion_config {
|
||||
|
@ -31,7 +31,8 @@ describe 'swift::dispersion' do
|
||||
it { is_expected.to contain_file('/etc/swift/dispersion.conf').with(
|
||||
:ensure => 'file',
|
||||
:owner => 'swift',
|
||||
:group => 'swift',)
|
||||
:group => 'swift',
|
||||
:mode => '0640',)
|
||||
}
|
||||
|
||||
shared_examples 'swift::dispersion' do
|
||||
|
Loading…
Reference in New Issue
Block a user