Bug 1001482

Summary: Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable
Product: Red Hat Enterprise Virtualization Manager Reporter: Yedidyah Bar David <didi>
Component: ovirt-engine-setupAssignee: Yedidyah Bar David <didi>
Status: CLOSED NOTABUG QA Contact: Ilanit Stein <istein>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.2.0CC: aberezin, acathrow, alonbl, bazulay, didi, iheim, oschreib, Rhev-m-bugs, yeylon
Target Milestone: ---Keywords: Reopened, Triaged
Target Release: 3.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: integration
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-25 07:31:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Yedidyah Bar David 2013-08-27 07:03:37 UTC 
Description of problem:

Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable.

Version-Release number of selected component (if applicable):

3.2

How reproducible:

When an ssl.conf file exists prior to running setup

Steps to Reproduce:
1. Verify that ssl.conf exists (this is the default)
2. Run engine-setup, choose to automatically update apache/httpd conf

Actual results:

There is a world-writable backup file named /etc/httpd/conf.d/ssl.conf.BACKUP.$timestamp

Expected results:

The file should be writable by root only.

Additional info:

This seems to be caused by the function copyFile in common_utils.py to have the default for filemod '-1'.
Comment 5 Yedidyah Bar David 2013-09-25 07:31:52 UTC 
Closing, as it does not affect RHEV/RHEL. BZ #1011616 is for upstream ovirt 3.2.