From cd57bab6eb9ddee37eee90b10c8730d26d3bc56a Mon Sep 17 00:00:00 2001
From: Michael Hanselmann <hansmi@google.com>
Date: Wed, 17 Aug 2011 16:22:11 +0200
Subject: [PATCH] ensure-dirs: Set correct permissions on ssconf files
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The files should be 0444, not 0400. This was a regression from 2.4.
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: RenΓ© Nussbaumer <rn@google.com>
---
lib/constants.py | 2 ++
lib/ssconf.py | 3 ++-
lib/tools/ensure_dirs.py | 3 ++-
3 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/constants.py b/lib/constants.py
index 45c02db1c..402087925 100644
--- a/lib/constants.py
+++ b/lib/constants.py
@@ -1240,6 +1240,8 @@ SS_MAINTAIN_NODE_HEALTH = "maintain_node_health"
SS_UID_POOL = "uid_pool"
SS_NODEGROUPS = "nodegroups"
+SS_FILE_PERMS = 0444
+
# cluster wide default parameters
DEFAULT_ENABLED_HYPERVISOR = HT_XEN_PVM
diff --git a/lib/ssconf.py b/lib/ssconf.py
index c1ef0966e..9cc2a3450 100644
--- a/lib/ssconf.py
+++ b/lib/ssconf.py
@@ -349,7 +349,8 @@ class SimpleStore(object):
if len(value) > self._MAX_SIZE:
raise errors.ConfigurationError("ssconf file %s above maximum size" %
name)
- utils.WriteFile(self.KeyToFilename(name), data=value, mode=0444)
+ utils.WriteFile(self.KeyToFilename(name), data=value,
+ mode=constants.SS_FILE_PERMS)
finally:
ssconf_lock.Unlock()
diff --git a/lib/tools/ensure_dirs.py b/lib/tools/ensure_dirs.py
index 8de0cbf4d..fcdae5fd5 100644
--- a/lib/tools/ensure_dirs.py
+++ b/lib/tools/ensure_dirs.py
@@ -172,7 +172,8 @@ def GetPaths():
ss = ssconf.SimpleStore()
for ss_path in ss.GetFileList():
- paths.append((ss_path, FILE, 0400, getent.noded_uid, 0, False))
+ paths.append((ss_path, FILE, constants.SS_FILE_PERMS,
+ getent.noded_uid, 0, False))
paths.extend([
(constants.QUEUE_DIR, DIR, 0700, getent.masterd_uid,
--
GitLab