+++ This bug is an upstream to downstream clone. The original bug is: +++ +++ bug 1714153 +++ ====================================================================== The directory /var/lib/ovirt-hosted-engine-setup/cockpit should be readable only as needed, as it might contain sensitive information, even after we fix Bug 1703678. (Originally by didi)
Test Version rhvh-4.3.0.8-0.20190522.0 cockpit-system-193-1.el7.noarch cockpit-ws-193-1.el7.x86_64 cockpit-dashboard-193-1.el7.x86_64 cockpit-193-1.el7.x86_64 cockpit-ovirt-dashboard-0.13.0-1.el7ev.noarch cockpit-machines-ovirt-193-1.el7.noarch cockpit-bridge-193-1.el7.x86_64 cockpit-storaged-193-1.el7.noarch ovirt-hosted-engine-ha-2.3.1-1.el7ev.noarch ovirt-hosted-engine-setup-2.3.8-1.el7ev.noarch Test Steps: [root@hp-dl388g9-04 ~]# ls -al /var/lib/ovirt-hosted-engine-setup/|grep cockpit drwxr-xr-x. 2 root root 4096 May 14 19:09 cockpit Result: The directory /var/lib/ovirt-hosted-engine-setup/cockpit is not readable only. QE can reproduce this issue , ACK+ (Originally by Wei Wang)
QE will verify it until getting new build. (Originally by Wei Wang)
Test Version RHVH-4.3-20190620.7-RHVH-x86_64-dvd1.iso cockpit-system-195-1.el7.noarch cockpit-195-1.el7.x86_64 cockpit-bridge-195-1.el7.x86_64 cockpit-ws-195-1.el7.x86_64 cockpit-machines-ovirt-195-1.el7.noarch cockpit-dashboard-195-1.el7.x86_64 cockpit-storaged-195-1.el7.noarch cockpit-ovirt-dashboard-0.13.2-2.el7ev.noarch Test Steps: [root@hp-dlxxx-xx ~]# ls -al /var/lib/ovirt-hosted-engine-setup/|grep cockpit drwxr-xr-x. 2 root root 4096 Jun 11 20:09 cockpit Result: The directory /var/lib/ovirt-hosted-engine-setup/cockpit is not readable only. QE still can reproduce this issue , change back to "ASSIGNED" (Originally by Wei Wang)
QE will verify it until getting the build with cockpit-ovirt-0.13.3
Test Version rhvh-4.3.5.1-0.20190626.0 cockpit-system-195-1.el7.noarch cockpit-195-1.el7.x86_64 cockpit-dashboard-195-1.el7.x86_64 cockpit-machines-ovirt-195-1.el7.noarch cockpit-storaged-195-1.el7.noarch cockpit-ovirt-dashboard-0.13.3-1.el7ev.noarch cockpit-bridge-195-1.el7.x86_64 cockpit-ws-195-1.el7.x86_64 Test Steps: According to comment 0 Result: The directory /var/lib/ovirt-hosted-engine-setup/cockpit is readable only. [root@hp-dlxxx-xx ~]# ls -al /var/lib/ovirt-hosted-engine-setup/|grep cockpit drwx------. 2 root root 4096 Jun 28 16:08 cockpit Bug is fixed, move to "VERIFIED"
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:2433