From a9ff02aba1f09a865cc22d63642e2b13e2d9ee49 Mon Sep 17 00:00:00 2001
From: Andrey <agrebennikov@mirantis.com>
Date: Tue, 17 Jan 2017 17:16:56 -0600
Subject: [PATCH] Change permission for conf folder

According to the security guide config files should not be
reachable by any users except the owner and root.

Change-Id: I7f4bda340967378e62d862c9066987ac85c16e29
---
 tasks/neutron_pre_install.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/neutron_pre_install.yml b/tasks/neutron_pre_install.yml
index b70e2af3..7c730cf7 100644
--- a/tasks/neutron_pre_install.yml
+++ b/tasks/neutron_pre_install.yml
@@ -38,7 +38,7 @@
     mode: "{{ item.mode | default(omit) }}"
   with_items:
     - { path: "/openstack", owner: "root", group: "root" }
-    - { path: "{{ neutron_conf_dir }}" }
+    - { path: "{{ neutron_conf_dir }}", mode: "0750" }
     - { path: "{{ neutron_conf_dir }}/plugins" }
     - { path: "{{ neutron_conf_dir }}/plugins/{{ neutron_plugin_type.split('.')[0] }}" }
     - { path: "{{ neutron_conf_dir }}/rootwrap.d", owner: "root", group: "root" }