[identity] fernet key file resource shuld be sensitive

Bug #1719861 reported by Stefan Hoffmann on 2017-09-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack + Chef
Undecided
Stefan Hoffmann

Bug Description

The file resource /etc/keystone/fernet-tokens/fernet_key0 takes the fernet key from secrets data bag. So I think this resource should be sensitive

https://github.com/openstack/cookbook-openstack-identity/blob/a66540d8157507ea9fde456241fc5c613ad7afb9/recipes/_fernet_tokens.rb#L38

Fix proposed to branch: master
Review: https://review.openstack.org/507841

Changed in openstack-chef:
assignee: nobody → Stefan Hoffmann (mr-hopeman)
status: New → In Progress

Reviewed: https://review.openstack.org/507841
Committed: https://git.openstack.org/cgit/openstack/cookbook-openstack-identity/commit/?id=9a8b6424ba06f9a86917969837aff38d7ae8c690
Submitter: Jenkins
Branch: master

commit 9a8b6424ba06f9a86917969837aff38d7ae8c690
Author: Stefan Hoffmann <email address hidden>
Date: Wed Sep 27 14:43:06 2017 +0200

    make fernet key file resource sensitive

    Change-Id: I5481547214c7a96b64f3a183f494e3807c1c7735
    Closes-Bug: #1719861

Changed in openstack-chef:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers