Bug 1540627 - logs are world-readable
Summary: logs are world-readable
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine-dwh
Classification: oVirt
Component: Packaging.rpm
Version: 4.2.0
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: ovirt-4.2.2
Target Release: ---
Assignee: Ido Rosenzwig
QA Contact: Jiri Belka
URL:
Whiteboard:
Depends On:
Blocks: 1475130 1631198 1631202
Reported: 2018-01-31 14:38 UTC by Yedidyah Bar David
Modified: 2018-12-10 09:24 UTC

Fixed In Version: ovirt-engine-dwh-4.2.2.1
Clone Of: 1540622
Environment:
Last Closed: 2018-03-29 11:13:32 UTC
oVirt Team: Integration
Embargoed:
rule-engine: ovirt-4.2+
rule-engine: exception+
sbonazzo: devel_ack+


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 87555 0 master MERGED spec: Change permissions for /var/log/ovirt-engine-dwh 2018-02-13 11:59:39 UTC
oVirt gerrit 87760 0 ovirt-engine-dwh-4.2 MERGED spec: Change permissions for /var/log/ovirt-engine-dwh 2018-02-18 08:07:41 UTC

Description Yedidyah Bar David 2018-01-31 14:38:32 UTC
Same as below, for /var/log/ovirt-engine-dwh

+++ This bug was initially created as a clone of Bug #1540622 +++

Description of problem:

/var/log/ovirt-engine, including everything underneath, is world-readable.

We protect sensitive information by filtering it out of these logs, but when we add new such information, sometimes a rather long time passes between adding it and someone noticing that it's not filtered out.

So we should make all these directories readable only as needed.

Didn't check what's the minimum that's working well - since we have there things written by user 'ovirt' and other things by user 'root', need to verify that if we change to ovirt:ovirt 0700, root is not prevented access (e.g. by selinux), or find some other solution.

Version-Release number of selected component (if applicable):

Forever.

How reproducible:

100%

Steps to Reproduce:
1. Setup engine
2. Add a host
3.

Actual results:

All logs are readable by every local user on the machine.

Expected results:

All relevant logs are readable (at most) by users ovirt and root.

Additional info:
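
The following is an added example, not part of the bug report or of the oVirt packaging: a shell audit that lists log files any local user can read, taking into account that a directory without the "other" search bit hides the files beneath it. The function names, the sample tree and the 0750 mode are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: find log files readable by every local user.
# A file is reported only if it has the "other" read bit (0004) AND
# every directory from the audited root down to it has the "other"
# search bit (0001). A 0750 parent therefore hides 0644 files below it.
# Assumes directories above the audited root (e.g. /var/log) are
# traversable. Mode bits only: ACLs and SELinux are not evaluated.

world_readable_logs() {
    # $1: log directory to audit, e.g. /var/log/ovirt-engine-dwh
    find "$1" \
        -type d ! -perm -0001 -prune \
        -o -type f -perm -0004 -print
}

audit_log_dir() {
    # Returns 0 when nothing under $1 is exposed, 1 otherwise.
    exposed=$(world_readable_logs "$1")
    if [ -n "$exposed" ]; then
        printf 'readable by any local user:\n%s\n' "$exposed" >&2
        return 1
    fi
    return 0
}

# Constructed sample tree (not taken from a real engine host).
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/log/open" "$root/log/closed"
    echo sample > "$root/log/open/a.log";   chmod 0644 "$root/log/open/a.log"
    echo sample > "$root/log/open/b.log";   chmod 0640 "$root/log/open/b.log"
    echo sample > "$root/log/closed/c.log"; chmod 0644 "$root/log/closed/c.log"
    chmod 0755 "$root/log" "$root/log/open"
    chmod 0750 "$root/log/closed"
    echo "$root/log"
}

sample=$(make_sample_tree)
audit_log_dir "$sample" || echo "exposed files found before tightening"
chmod 0750 "$sample"   # tighten the top directory (mode is illustrative)
audit_log_dir "$sample" && echo "nothing exposed after tightening"
rm -rf "${sample%/log}"
```

Run it as root or as the log owner so that `find` can descend into directories that other users cannot.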

Comment 1 Red Hat Bugzilla Rules Engine 2018-02-15 16:13:02 UTC
Target release should be placed once a package build is known to fix an issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for an oVirt release.

Comment 2 Jiri Belka 2018-03-07 12:03:17 UTC
ok, ovirt-engine-dwh-setup-4.2.2.1-1.el7ev.noarch

Comment 3 Sandro Bonazzola 2018-03-29 11:13:32 UTC
This bugzilla is included in oVirt 4.2.2 release, published on March 28th 2018.

Since the problem described in this bug report should be resolved in oVirt 4.2.2 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.

