fence-agents icon indicating copy to clipboard operation
fence-agents copied to clipboard

Published 20 hours ago verified publisher icon ClusterLabs

permissions

Open kk0nrad opened this issue 3 years ago • 2 comments

the fence-virtd provided by various distros (ie: fedora, centos, so on) is embedded with a default config file that has wrong permissions in my opinion:

ls -al /etc/fence_virt.conf -rw-r--r--. 1 root root 272 May 10 2022 /etc/fence_virt.conf

the file should have 600 permissions like the one that is generated via fence_virtd -c

the key file, ie /etc/cluster/fence_xvm.key, should be also checked for permissions before starting the service

kk0nrad avatar Nov 09 '22 08:11 kk0nrad

Thank you for the report. I'll look into how we should implement this.

oalbrigt avatar Nov 09 '22 09:11 oalbrigt

I've added default permissions and checks in fence_virtd: https://github.com/ClusterLabs/fence-agents/pull/513

oalbrigt avatar Nov 21 '22 12:11 oalbrigt