Description of problem: result of my engine-backup run: # engine-backup --file=/tmp/backup-test --log=/tmp/backup-test.log --mode=backup Backing up: Notifying engine - Files - Engine database 'engine' - DWH database 'ovirt_engine_history' Packing into file '/tmp/backup-test' Notifying engine Done. # ls -l /tmp/backup-test* -rw-r--r--. 1 root root 156955518 Apr 24 13:45 /tmp/backup-test -rw-r--r--. 1 root root 3209 Apr 24 13:45 /tmp/backup-test.log let's assume some user could use world-accessible dir as destination directory - eg. /tmp - thus backup file could be readable by world. it seems like changing umask could be enough, not tested at all. Version-Release number of selected component (if applicable): ovirt-engine-tools-backup-4.2.3-0.1.el7.noarch How reproducible: 100% Steps to Reproduce: 1. run engine-backup in backup mode 2. check unix rights (DAC) on the file 3. Actual results: 0644 Expected results: 'all' should not have 'r', maybe group too Additional info:
ok, # rpm -qf `which engine-backup` ovirt-engine-tools-backup-4.3.0-0.0.master.20180828114844.git0bc18b1.el7.noarch # ls -l /tmp/backup* -rw-------. 1 root root 864857 Aug 29 21:02 /tmp/backup-test -rw-------. 1 root root 3239 Aug 29 21:02 /tmp/backup-test.log
This bugzilla is included in oVirt 4.2.7 release, published on November 2nd 2018. Since the problem described in this bug report should be resolved in oVirt 4.2.7 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.
Closed by mistake, moving back to qa -> verified
This bugzilla is included in oVirt 4.3.0 release, published on February 4th 2019. Since the problem described in this bug report should be resolved in oVirt 4.3.0 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.