diff options
| author | Brenton Leanhardt <bleanhar@redhat.com> | 2016-03-23 14:41:11 -0400 |
|---|---|---|
| committer | Brenton Leanhardt <bleanhar@redhat.com> | 2016-03-23 14:41:11 -0400 |
| commit | 405b41c715312cd52ad9ec5f39de4ef9ede519c7 (patch) | |
| tree | f8e54ba3cb98d863bcdd41fa1d792580cefcc99e | |
| parent | 390d6dd5307a00f64ab7f1974c1b1719b3d4857b (diff) | |
| parent | a51b7d5fda69b3f88b0231c8b805755fe98691ca (diff) | |
| download | openshift-405b41c715312cd52ad9ec5f39de4ef9ede519c7.tar.gz openshift-405b41c715312cd52ad9ec5f39de4ef9ede519c7.tar.bz2 openshift-405b41c715312cd52ad9ec5f39de4ef9ede519c7.tar.xz openshift-405b41c715312cd52ad9ec5f39de4ef9ede519c7.zip | |
Merge pull request #1644 from elyscape/named-certs-permissions
Lock down permissions on named certificates
| -rw-r--r-- | playbooks/common/openshift-master/config.yml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 972427c53..f1eaf8e16 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -311,13 +311,14 @@ file: path: "{{ named_certs_dir }}" state: directory + mode: 0700 when: named_certs_specified | bool - name: Land named certificates copy: src="{{ item.certfile }}" dest="{{ named_certs_dir }}" with_items: openshift_master_named_certificates when: named_certs_specified | bool - name: Land named certificate keys - copy: src="{{ item.keyfile }}" dest="{{ named_certs_dir }}" + copy: src="{{ item.keyfile }}" dest="{{ named_certs_dir }}" mode=0600 with_items: openshift_master_named_certificates when: named_certs_specified | bool |