Bug 1431462

Description of problem:
The directory /var/log/ceilometer is world readable and contains log files that are readable, which can result in the exposure of sensitive information. The 'other readable/execute' bits need to be removed from the /var/log/ceilometer directory.

Because no sensitive data was found in the files, this is being raised as a hardening bug, and not a flaw.

Version-Release number of selected component (if applicable):
openstack-ceilometer-6.1.3-2.el7ost

How reproducible:
List /var/log directory for openstack-ceilometer:
$ ls -la ceilometer/
total 596
drwxr-xr-x.  2 ceilometer root         4096 Mar  7 20:29 .
drwxr-xr-x. 29 root       root         4096 Mar 12 19:20 ..
-rw-r--r--.  1 ceilometer ceilometer  76389 Mar 12 19:20 agent-notification.log
-rw-r--r--.  1 ceilometer ceilometer    512 Mar  7 20:29 ceilometer-dbsync.log
-rw-r--r--.  1 ceilometer ceilometer 388917 Mar 12 19:20 central.log
-rw-r--r--.  1 ceilometer ceilometer   4578 Mar 12 19:21 collector.log
-rw-r--r--.  1 ceilometer ceilometer  57511 Mar 12 19:20 compute.log

Actual results:
Directory and files are world readable.

Expected results:
Directory and files should not be world readable.