some horizon config file should not be readable from other users
Bug #1370888 reported by
LeileiZhou
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack + Chef |
Fix Released
|
High
|
LeileiZhou |
Bug Description
File /etc/openstack-
DATABASES = {
'default': {
'ENGINE': '',
'NAME': 'horizon',
'USER': 'dash',
'PASSWORD': 'horizon',
'HOST': '127.0.0.1',
},
}
To avoid unauthorized user to acquire the password, this file should be set as 0640 in cookbook.
Also currently, local_settings 's owner and group property is root/root. However service httpd which is running with user "apache" needs to read the file. So this file's ownship property should be changed to root/apache.
Changed in openstack-chef: | |
assignee: | nobody → LeileiZhou (leileiz) |
description: | updated |
description: | updated |
Changed in openstack-chef: | |
importance: | Undecided → High |
status: | New → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/122337
Review: https:/