Description of problem:
When starting docker permissions change on /var/lib/docker and /etc/sysconfig/docker-storage, in turn causing OpenSCAP to warn about the permission change.
Version-Release number of selected component (if applicable):
docker-1.12.6
How reproducible:
100%
Steps to Reproduce:
1. Install docker
2. Start docker
Actual results:
```
FINDING 1:
(HIGH) Verify and Correct File Permissions with R= PM (xccdf_org.ssgproject.conte= nt_rule_rpm_verify_permissions)
Items found violating = mode of all files matches local rpm database:
```
Expected results:
No findings, rpm to ship with right permissions or permissions remain unchanged.
Additional info:
Verify and Correct File Permissions with RPM
# rpm -V docker
I would expect the results to look similar to this:
S.5....T. c /etc/sysconfig/docker-storage
S.5....T. c /etc/sysconfig/docker-storage-setup
- Here Size,digest,and mtime differ which is to be expected.
.M....... /var/lib/docker
- Here the mode differs, this happens when you start docker for the first time docker changing the permissions on /var/lib/docker
Fresh Install:
drwx------. 2 root root 6 May 17 01:17 /var/lib/docker/
-rw-------. 1 root root 218 Jul 21 11:55 /etc/sysconfig/docker-storage
After starting docker service:
drwx--x--x. 10 root root 124 Jun 20 14:15 /var/lib/docker/
-rw-r--r--. 1 root root 218 Jul 21 11:55 /etc/sysconfig/docker-storage