[Bug 1588391] Re: ceilometer charm creates world-readable /etc/ceilometer/ceilometer.conf, exposing credentials

Thu Mar 16 15:54:47 UTC 2017

This is fixed now in the ceilometer package which is currently in zesty-
proposed and xenial-staging. I've tested with the charm and
ceilometer.conf perms remain at 0640.

-rw-r-----   1 ceilometer ceilometer   590 Mar 16 15:47 ceilometer.conf

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceilometer in Ubuntu.
https://bugs.launchpad.net/bugs/1588391

Title:
  ceilometer charm creates world-readable
  /etc/ceilometer/ceilometer.conf, exposing credentials

Status in OpenStack ceilometer charm:
  Invalid
Status in Ubuntu Cloud Archive:
  Fix Committed
Status in ceilometer package in Ubuntu:
  Fix Released
Status in ceilometer package in Juju Charms Collection:
  Invalid

Bug description:
  On a newly-installed system using ceilometer from the charm store,
  /etc/ceilometer/ceilometer.conf is world-readable, despite holding a
  number of important credentials:

  ubuntu at juju-machine-131-lxc-2:/etc/ceilometer$ ls -la /etc/ceilometer/ceilometer.conf
  -rw-r--r-- 1 ceilometer ceilometer 1140 Jun  2 14:12 /etc/ceilometer/ceilometer.conf

  Permissions should be changed to 0640 at a maximum.

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-ceilometer/+bug/1588391/+subscriptions