Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1163421 - Adjust log permissions to 0750 for openstack-trove
Adjust log permissions to 0750 for openstack-trove
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-trove (Show other bugs)
5.0 (RHEL 7)
Unspecified Unspecified
unspecified Severity unspecified
: z5
: 5.0 (RHEL 7)
Assigned To: hguemar
Luigi Toscano
: EasyFix, ZStream
Depends On:
Blocks: 1163424
  Show dependency treegraph
 
Reported: 2014-11-12 11:42 EST by Lon Hohberger
Modified: 2015-09-10 07:45 EDT (History)
8 users (show)

See Also:
Fixed In Version: openstack-trove-2014.1.5-1.el7ost
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-09-10 07:45:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:1762 normal SHIPPED_LIVE Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory 2015-09-10 11:45:31 EDT

  None (edit)
Description Lon Hohberger 2014-11-12 11:42:42 EST 
The spec file for openstack-trove sets the permissions for /var/log/trove directory to 0755, which is world-readable.  To maintain consistency, please set this to 0750.  See bug 1149688 for more details.  In the RPM spec file in the %files section, you can use the following:

%dir %attr(0750, trove, trove) %{_localstatedir}/log/trove

(Owner/Group are examples and may be different for this component)
Comment 1 Lon Hohberger 2014-11-12 11:51:06 EST 
The intent here is to tighten up access on /var/log directories and files.  Note that, apart from the RPM spec files, it's possible some OpenStack components may be setting permissions incorrectly as well.

It also may be the case that this component has a valid need to have its /var/log directory world-readable.  If that is the case, please close this bugzilla.
Comment 2 hguemar 2014-12-01 05:01:58 EST 
Makes sense, I'll also fix it in RDO.
Comment 8 Luigi Toscano 2015-09-01 09:32:46 EDT 
The permissions of a freshly installed /var/log/trove are now 0750.

drwxr-x---. 2 trove      root             22 Sep  1 08:49 trove

Verified on:
openstack-trove-common-2014.1.5-1.el7ost.noarch
Comment 11 errata-xmlrpc 2015-09-10 07:45:57 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1762.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.