Restrict permissions on docker registry certificate file
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Low
|
Andy |
Bug Description
Brief Description
-----------------
It is noticed that docker registry certificate file (/etc/docker/
Severity
--------
Minor: System/Feature is usable with minor issue
Steps to Reproduce
------------------
Deploy a DX or standard system with two controllers.
After deployment, check the permission of /etc/docker/
Expected Behavior
------------------
docker registry certificate file on all nodes should have permission 400.
Actual Behavior
----------------
docker registry certificate file on controller-0 has permission 644:
controller-
total 4
-rw-r--r-- 1 root root 1078 Dec 3 01:41 registry-cert.crt
Reproducibility
---------------
100% reproducible
System Configuration
-------
Two controller system
Branch/Pull Time/Commit
-------
Latest on stx master
Last Pass
---------
Unknown
Timestamp/Logs
--------------
See steps to reproduce.
Test Activity
-------------
Developer Testing
Workaround
----------
N/A
Changed in starlingx: | |
assignee: | nobody → Andy (andy.wrs) |
Changed in starlingx: | |
importance: | Undecided → Low |
status: | New → Triaged |
tags: | added: stx.5.0 stx.security |
Review: https:/ /review. opendev. org/c/starlingx /ansible- playbooks/ +/765560
merged on 2020-12-04