Description of problem: Since we are storing SSO secret in ovirt-provider-ovn.conf which is used for provider authentication by role, we should change the file permissions from 755 to 750 to restrict everyone from accessing the content. Version-Release number of selected component (if applicable): virt-provider-ovn-1.1-2.20170505083409.git1cc74cb.el7.centos.noarch How reproducible: 100% Steps to Reproduce: 1. Install ovirt-provider-ovn package. Actual results: ls -al /etc/ovirt-provider-ovn/ovirt-provider-ovn.conf -rwxr-xr-x. 1 root root 923 May 5 11:34 /etc/ovirt-provider-ovn/ovirt-provider-ovn.conf Expected results: Should be -rwxr-x--- Additional info:
P.S config files should not be marked as executable.
Fixed for all files collectively in one patch.
*** Bug 1434861 has been marked as a duplicate of this bug. ***
Verified on: ovirt-provider-ovn.noarch 0:1.1-2.20170525114308.git975a64f.el7.centos # ls -al /etc/ovirt-provider-ovn/ovirt-provider-ovn.conf -rw-r--r--. 1 root root 1019 May 25 14:43 /etc/ovirt-provider-ovn/ovirt-provider-ovn.conf
This bugzilla is included in oVirt 4.2.0 release, published on Dec 20th 2017. Since the problem described in this bug report should be resolved in oVirt 4.2.0 release, published on Dec 20th 2017, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.