[Bug 1588391] Re: ceilometer charm creates world-readable /etc/ceilometer/ceilometer.conf, exposing credentials
Corey Bryant
corey.bryant at canonical.com
Thu Mar 16 14:34:59 UTC 2017
I've pushed the fix for this to https://code.launchpad.net/~ubuntu-
server-dev/ubuntu/+source/ceilometer/+git/ceilometer.
However, I attempted to upload the package but it was rejected because
there is now an 8.0.1 version of ceilometer in zesty, which wasn't
pushed to the git repo, so now the git repo is out of sync.
Chuck, I'm leaving this for you to fix up.
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceilometer in Ubuntu.
https://bugs.launchpad.net/bugs/1588391
Title:
ceilometer charm creates world-readable
/etc/ceilometer/ceilometer.conf, exposing credentials
Status in OpenStack ceilometer charm:
Confirmed
Status in ceilometer package in Ubuntu:
In Progress
Status in ceilometer package in Juju Charms Collection:
Invalid
Bug description:
On a newly-installed system using ceilometer from the charm store,
/etc/ceilometer/ceilometer.conf is world-readable, despite holding a
number of important credentials:
ubuntu at juju-machine-131-lxc-2:/etc/ceilometer$ ls -la /etc/ceilometer/ceilometer.conf
-rw-r--r-- 1 ceilometer ceilometer 1140 Jun 2 14:12 /etc/ceilometer/ceilometer.conf
Permissions should be changed to 0640 at a maximum.
To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-ceilometer/+bug/1588391/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list