rpms / ipa

Clone
Source Code
GIT

Files

  1.   b78ab8aa0c5acf4c35b15609c7133cfd9ef9c5a6
  2.   SOURCES
  3.   0043-Always-make-ipa.p11-kit-world-readable.patch
Blob Blame History Raw 
From 8ba1a1e89b34e587a9898a85f1c545dbd1c7765a Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Fri, 22 Jun 2018 12:22:06 +0200
Subject: [PATCH] Always make ipa.p11-kit world-readable

Ensure that ipa.p11-kit is always world-readable.

Fixes: https://pagure.io/freeipa/issue/7594
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Tibor Dudlak <tdudlak@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
---
 ipaplatform/redhat/tasks.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py
index 6a4270defc9f444f76677bdf08d2a680649664bb..8fc8b54c146d540c988d97b7fb0927fced7c3e29 100644
--- a/ipaplatform/redhat/tasks.py
+++ b/ipaplatform/redhat/tasks.py
@@ -269,6 +269,7 @@ class RedHatTaskNamespace(BaseTaskNamespace):
 
         try:
             f = open(new_cacert_path, 'w')
+            os.fchmod(f.fileno(), 0o644)
         except IOError as e:
             logger.info("Failed to open %s: %s", new_cacert_path, e)
             return False
-- 
2.17.1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation