Bug 2180902

Summary: add mode parameter to change permissions for cert files
Product: Red Hat Enterprise Linux 9 Reporter: Rich Megginson <rmeggins>
Component: rhel-system-rolesAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: Jakub Haruda <jharuda>
Severity: unspecified Docs Contact: David Voženílek <dvozenil>
Priority: unspecified    
Version: 9.3CC: djez, ftrivino, jharuda, spetrosi, vdanek
Target Milestone: rcKeywords: Triaged
Target Release: 9.3Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: role:certificate
Fixed In Version: rhel-system-roles-1.22.0-0.15.el9 Doc Type: Enhancement
Doc Text:
Enhancement: Allow setting of certificate and key files mode attribute through the use of the 'mode' parameter, when using the certmonger provider. Reason: Previously, the certificate files generated by the certmonger provider used a default file mode that may not be suitable for some tools or for some more restricted environments. Result: The file mode attribute can now be set using the same roles as Ansible's file mode parameter, accepting either a string or an integer.
 Story Points: ---
Clone Of:
: 2218204 (view as bug list) Environment:
Last Closed: 2023-11-07 08:29:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2218204    
Deadline: 2023-07-31   

Description Rich Megginson 2023-03-22 15:03:41 UTC 
There are some cases where the file permissions should be more or less restrictive than the certmonger defaults.  The role should provide a mode parameter for this.  See https://github.com/linux-system-roles/certificate/issues/133#issuecomment-1475281537
Comment 5 Rafael Jeffman 2023-06-21 12:07:06 UTC 
Upstream PR: https://github.com/linux-system-roles/certificate/pull/175
Comment 15 errata-xmlrpc 2023-11-07 08:29:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:6390
Comment 16 Red Hat Bugzilla 2024-03-07 04:25:28 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days