rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-07-04 10:36:14 +00:00
Code Issues Releases Wiki Activity

set the permissions for /var/lib/rancher/conf to 0700

Browse Source 
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
This commit is contained in:
Sven Dowideit 2017-03-13 17:17:15 +10:00
parent 63c3d57993
commit 27f11ec6c2
6 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/control/install.go
View File

@ -562,7 +562,7 @@ func seedData(baseName, cloudData string, files []string) error {
return err return err
} }
if err = os.MkdirAll(filepath.Join(baseName, "/var/lib/rancher/conf/cloud-config.d"), 0755); err != nil { if err = os.MkdirAll(filepath.Join(baseName, "/var/lib/rancher/conf/cloud-config.d"), 0700); err != nil {
return err return err
} }

2
config/cloudinit/datasource/configdrive/configdrive.go
View File

@ -147,7 +147,7 @@ func (cd *ConfigDrive) tryReadFile(filename string) ([]byte, error) {
} }
func MountConfigDrive() error { func MountConfigDrive() error {
if err := os.MkdirAll(configDevMountPoint, 644); err != nil { if err := os.MkdirAll(configDevMountPoint, 700); err != nil {
return err return err
} }

2
config/disk.go
View File

@ -220,7 +220,7 @@ func WriteToFile(data interface{}, filename string) error {
return err return err
} }
if err := os.MkdirAll(filepath.Dir(filename), os.ModeDir|0755); err != nil { if err := os.MkdirAll(filepath.Dir(filename), os.ModeDir|0700); err != nil {
return err return err
} }

1
config/types.go
View File

@ -38,6 +38,7 @@ const (
System = "system" System = "system"
OsConfigFile = "/usr/share/ros/os-config.yml" OsConfigFile = "/usr/share/ros/os-config.yml"
VarRancherDir = "/var/lib/rancher"
CloudConfigDir = "/var/lib/rancher/conf/cloud-config.d" CloudConfigDir = "/var/lib/rancher/conf/cloud-config.d"
CloudConfigBootFile = "/var/lib/rancher/conf/cloud-config.d/boot.yml" CloudConfigBootFile = "/var/lib/rancher/conf/cloud-config.d/boot.yml"
CloudConfigNetworkFile = "/var/lib/rancher/conf/cloud-config.d/network.yml" CloudConfigNetworkFile = "/var/lib/rancher/conf/cloud-config.d/network.yml"

8
init/init.go
View File

@ -330,13 +330,19 @@ func RunInit() error {
mountOem, mountOem,
func(cfg *config.CloudConfig) (*config.CloudConfig, error) { func(cfg *config.CloudConfig) (*config.CloudConfig, error) {
for name, content := range configFiles { for name, content := range configFiles {
if err := os.MkdirAll(filepath.Dir(name), os.ModeDir|0755); err != nil { if err := os.MkdirAll(filepath.Dir(name), os.ModeDir|0700); err != nil {
log.Error(err) log.Error(err)
} }
if err := util.WriteFileAtomic(name, content, 400); err != nil { if err := util.WriteFileAtomic(name, content, 400); err != nil {
log.Error(err) log.Error(err)
} }
} }
if err := os.MkdirAll(config.VarRancherDir, os.ModeDir|0755); err != nil {
log.Error(err)
}
if err := os.Chmod(config.VarRancherDir, os.ModeDir|0755); err != nil {
log.Error(err)
}
return cfg, nil return cfg, nil
}, },
func(cfg *config.CloudConfig) (*config.CloudConfig, error) { func(cfg *config.CloudConfig) (*config.CloudConfig, error) {

2
tests/network_test.go
View File

@ -55,6 +55,8 @@ func (s *QemuSuite) TestNetworkCfg(c *C) {
inet6 ::1/128 scope host inet6 ::1/128 scope host
valid_lft forever preferred_lft forever valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet XX.XX.XX.XX/24 brd 10.0.2.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.41/24 scope global eth0 inet 10.1.0.41/24 scope global eth0
valid_lft forever preferred_lft forever valid_lft forever preferred_lft forever
inet6 XX::XX:XX:XX:XX/64 scope link inet6 XX::XX:XX:XX:XX/64 scope link