Change permission for conf folder

According to the security guide config files should not be reachable by any users except the owner and root. Change-Id: I691b9c7c04bd3ca05892c36eb0b2dd9c897853c1
2017-01-17 17:24:02 -06:00 · 2017-01-17 17:24:02 -06:00 · 339a076056
commit 339a076056
parent 27221f75a7
1 changed files with 2 additions and 1 deletions
--- a/tasks/cinder_pre_install.yml
+++ b/tasks/cinder_pre_install.yml
@ -35,10 +35,11 @@
    state: directory
    owner: "{{ item.owner|default(cinder_system_user_name) }}"
    group: "{{ item.group|default(cinder_system_group_name) }}"
+    mode: "{{ item.mode|default('0755') }}"
  with_items:
    - { path: "/openstack", mode: "0755", owner: "root", group: "root" }
    - { path: "/var/cache/cinder", mode: "0700" }
-    - { path: "/etc/cinder" }
+    - { path: "/etc/cinder", mode: "0750" }
    - { path: "/etc/cinder/rootwrap.d", owner: "root", group: "root" }
    - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" }
    - { path: "{{ cinder_system_home_folder }}" }