IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-27 09:21:59 -06:00
Code Issues Packages Projects Releases Wiki Activity
ba8cbb8c62
freeipa/ipaserver/install/server
History
Christian Heimes ba8cbb8c62
Ensure that public cert and CA bundle are readable 
In CIS hardened mode, the process umask is 027. This results in some
files not being world readable. Ensure that write_certificate_list()
calls in client installer, server installer, and upgrader create cert
bundles with permission bits 0644.

Fixes: https://pagure.io/freeipa/issue/7594
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Tibor Dudlak <tdudlak@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2018-06-27 11:05:01 +02:00
..
__init__.py install: validate AD trust-related options in installers 2018-04-17 14:28:45 +02:00
install.py server install: drop some print statements, change log level 2018-06-20 08:38:03 +02:00
replicainstall.py Ensure that public cert and CA bundle are readable 2018-06-27 11:05:01 +02:00
upgrade.py Increase WSGI process count to 5 on 64bit 2018-06-15 13:02:53 +02:00