StarlingX

  1. Bug #1991118
  2. Comment #2

Comment 2 for bug 1991118

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fault (master)

Reviewed: https://review.opendev.org/c/starlingx/fault/+/859299
Committed: https://opendev.org/starlingx/fault/commit/74d56e72a05a21bcb1ef6d7e33516e8ee4414fee
Submitter: "Zuul (22348)"
Branch: master

commit 74d56e72a05a21bcb1ef6d7e33516e8ee4414fee
Author: Joao Victor Portal <email address hidden>
Date: Mon Sep 26 11:00:57 2022 -0300

    Restrict fmClientCli binary permissions

    The fmClientCli binary can create and delete alarms freely on the
    system, so the access to this binary should be restricted to Linux admin
    users.

    Test Plan:

    PASS: Deploy an AIO-SX using a Debian image containing this change and
    check that the permissions for file "/usr/local/bin/fmClientCli" is
    "-rwxr-x---" and the owner:group is root:root.
    PASS: Repeat the test above using a CentOS image.

    Closes-Bug: 1991118
    Signed-off-by: Joao Victor Portal <email address hidden>
    Change-Id: I0375ddc68ae1b5967447a326780272f77695793a