[Bug 1859422] Re: security: default ownership and permissions

Launchpad Bug Tracker 1859422 at bugs.launchpad.net
Wed Mar 25 22:08:42 UTC 2020


This bug was fixed in the package aodh -
10.0.0~b3~git2020032411.ed802044-0ubuntu1

---------------
aodh (10.0.0~b3~git2020032411.ed802044-0ubuntu1) focal; urgency=medium

  * d/aodh-common.postinst: Set default ownership and permissions for
    /etc/<pkg>, /var/lib/<pkg>, and /var/log/<pkg> (LP: #1859422).
  * New upstream snapshot for OpenStack Ussuri.

 -- Corey Bryant <corey.bryant at canonical.com>  Tue, 24 Mar 2020 11:48:22
-0400

** Changed in: aodh (Ubuntu)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to cinder in Ubuntu.
https://bugs.launchpad.net/bugs/1859422

Title:
  security: default ownership and permissions

Status in aodh package in Ubuntu:
  Fix Released
Status in barbican package in Ubuntu:
  Triaged
Status in cinder package in Ubuntu:
  Triaged
Status in designate package in Ubuntu:
  Triaged
Status in glance package in Ubuntu:
  Triaged
Status in gnocchi package in Ubuntu:
  Triaged
Status in heat package in Ubuntu:
  Triaged
Status in ironic package in Ubuntu:
  Fix Released
Status in keystone package in Ubuntu:
  Fix Released
Status in manila package in Ubuntu:
  Triaged
Status in masakari package in Ubuntu:
  Triaged
Status in mistral package in Ubuntu:
  Triaged
Status in neutron package in Ubuntu:
  Fix Released
Status in nova package in Ubuntu:
  Triaged
Status in octavia package in Ubuntu:
  Triaged
Status in openstack-trove package in Ubuntu:
  Triaged
Status in placement package in Ubuntu:
  Triaged
Status in sahara package in Ubuntu:
  Triaged
Status in senlin package in Ubuntu:
  Triaged
Status in swift package in Ubuntu:
  Triaged
Status in watcher package in Ubuntu:
  Triaged

Bug description:
  Package should security directories and files as below:

    chown <pkg>:adm /var/log/<pkg>
    chmod 0750 /var/log/<pkg>

    find /etc/<pkg> -exec chown root:<pkg> "{}" +
    find /etc/<pkg> -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" +

    # Optional rootwrap.d configuration files.
    find /etc/<pkg>/rootwrap.d -exec chown root:root "{}" +
    find /etc/<pkg>/rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" +

    chown <pkg>:<pkg> /var/lib/<pkg>
    chmod 0750 /var/lib/<pkg>

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list