Bug 1809458 - [FDP 20.B] ovn-northd must be able to read files with permissions of a private group
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux Fast Datapath
Classification: Red Hat
Component: ovn2.11
Version: FDP 20.A
Hardware: Unspecified
OS: Unspecified
Priority: medium
Severity: medium
Target Milestone: ---
Target Release: ---
Assignee: Ilya Maximets
QA Contact: Jianlin Shi
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2020-03-03 07:44 UTC by Dominik Holler
Modified: 2023-10-05 15:05 UTC (History)
CC List: 5 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-10-05 15:05:18 UTC
Target Upstream Version:
Embargoed:


Attachments
terminal log (538.42 KB, text/plain)
2020-03-03 07:44 UTC, Dominik Holler
no flags


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1791388 0 unspecified CLOSED Launch ovn daemons as non-root user 2021-02-22 00:41:40 UTC
Red Hat Issue Tracker FD-491 0 None None None 2021-08-10 11:41:13 UTC

Internal Links: 1809463

Description Dominik Holler 2020-03-03 07:44:00 UTC
Created attachment 1667130
terminal log

Description of problem:
In FDP 20.b, ovn-northd is a member of only a single group, hugetlbfs.
This is a problem because, if the private key file for ovn-northd has read permissions for the hugetlbfs group, other members of the hugetlbfs group can read the private key file, too.

Actual results:
It is not possible to have a file readable only for ovn-northd's group.

Expected results:
It is possible to have a file readable only for ovn-northd's group.
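
The exposure described in this report can be checked by listing every account that belongs to the group owning the key file. The script below is an added example, not part of the original report or of OVN. The account names `ovn-svc`, `svc-a`, `svc-b`, the group `ovn-private` and all numeric IDs are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the bug report): who can read a group-readable file?

# group_members GROUP [GROUP_FILE] [PASSWD_FILE]
# Prints every account in GROUP: supplementary members listed in the group
# database plus accounts whose primary GID in passwd is GROUP's GID.
group_members() {
    awk -F: -v grp="$1" '
        FNR == NR {                         # first file: group database
            if ($1 == grp) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
            }
            next
        }
        gid != "" && $4 == gid { print $1 } # second file: passwd, primary GID
    ' "${2:-/etc/group}" "${3:-/etc/passwd}" | LC_ALL=C sort -u
}

# unexpected_readers GROUP SERVICE_USER [GROUP_FILE] [PASSWD_FILE]
# Members of GROUP other than SERVICE_USER. Empty output means a file with
# group-read permission for GROUP is readable by SERVICE_USER only.
unexpected_readers() {
    group_members "$1" "$3" "$4" | grep -vxF -- "$2" || true
}

# Constructed sample databases; account names and IDs are made up.
write_sample() {
    printf '%s\n' 'hugetlbfs:x:985:svc-a' 'ovn-private:x:986:ovn-svc' > "$1/group"
    printf '%s\n' 'ovn-svc:x:990:985::/:/sbin/nologin' \
                  'svc-a:x:991:991::/:/sbin/nologin' \
                  'svc-b:x:992:985::/:/sbin/nologin' > "$1/passwd"
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
echo "shared group:";  unexpected_readers hugetlbfs ovn-svc "$demo_dir/group" "$demo_dir/passwd"
echo "private group:"; unexpected_readers ovn-private ovn-svc "$demo_dir/group" "$demo_dir/passwd"
rm -rf "$demo_dir"
```

Called without the file arguments, the functions read `/etc/group` and `/etc/passwd`; they do not consult ACLs or directory services such as LDAP.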

