Back to bug 2188743

Who When What Removed Added
Red Hat Bugzilla 2023-04-21 23:37:31 UTC Pool ID sst_ccs_rhel_8
Red Hat One Jira (issues.redhat.com) 2023-04-21 23:39:37 UTC Link ID Red Hat Issue Tracker RHELPLAN-155439
Tomas Capek 2023-04-24 09:38:22 UTC Keywords Documentation
Priority unspecified high
Assignee rhel-docs mjahoda
Mirek Jahoda 2023-04-26 11:53:18 UTC Status NEW ASSIGNED
Mirek Jahoda 2023-04-28 10:53:06 UTC Summary [DDF] Depending on root's umask, the key files might be generated with perm 600. Tangd-keygen does not handle different umask
Doc Type If docs needed, set a value Known Issue
QA Contact qe-baseos-security
Component Documentation tang
Sub Component DDF
CC dapospis
Assignee mjahoda scorreia
Pool ID sst_ccs_rhel_8 sst_security_special_projects_rhel_8
Mirek Jahoda 2023-04-28 10:53:46 UTC CC mjahoda
QA Contact qe-baseos-security mzeleny
Mirek Jahoda 2023-04-28 10:54:05 UTC Docs Contact mjahoda
Red Hat One Jira (issues.redhat.com) 2023-04-28 10:54:08 UTC Link ID Red Hat Issue Tracker SECENGSP-5175
Sergio Correia 2023-05-15 10:51:45 UTC Keywords Triaged
Mirek Jahoda 2023-05-15 15:14:35 UTC Doc Text .`tangd-keygen` does not handle non-default `umask` correctly

The `tangd-keygen` script does not change file permissions for generated key files. Consequently, on systems with a default user file-creation mode mask (`umask`) that prevents reading keys to other users, the `tang-show-keys` command returns the error message `Internal Error 500` instead of displaying the keys.

To work around the problem, use the `chmod o+r *.jwk` command to change permissions on the files in the `/var/db/tang` directory.
Tomas Capek 2023-06-13 15:31:32 UTC Keywords Documentation ReleaseNotes
Sergio Arroutbi 2023-07-21 10:06:34 UTC CC sarroutb
Assignee scorreia sarroutb
Patrik Koncity 2023-07-21 11:38:44 UTC CC pkoncity
QA Contact mzeleny pkoncity
Sergio Arroutbi 2023-07-21 12:45:31 UTC Status ASSIGNED POST
Sergio Arroutbi 2023-07-21 12:49:07 UTC Status POST MODIFIED
Martin Zelený 2023-07-21 13:18:17 UTC Fixed In Version tang-7-8.el8
CC mzeleny
errata-xmlrpc 2023-07-21 14:15:21 UTC Status MODIFIED ON_QA
AutoMiloš 2023-07-21 15:05:25 UTC Keywords AutoVerified
Patrik Koncity 2023-07-24 06:30:37 UTC Status ON_QA VERIFIED

Back to bug 2188743