/home/keys permission

[joseftschiggerlnts]

Describe the problem/challenge you have When using the StorageClass with encryption enabled the directory /home/keys gets created with the key placed inside. I believe that the keys directory should not be created with the default 0755 permission but with e.g. 0700 as only root needs to be able to access the key and no other user.

Describe the solution you'd like Tighter permissions for /home/keys and/or key-file within.

Environment:

• ZFS-LocalPV version: 2.1.0

• Kubernetes version (use kubectl version):

  • Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.8+k3s2", GitCommit:"fe3cecc219175ea85d7a95ed9e44349d94734bc7", GitTreeState:"clean", BuildDate:"2022-07-06T20:35:20Z", GoVersion:"go1.17.5", Compiler:"gc", Platform:"linux/amd64"}
  • Server Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.8+k3s2", GitCommit:"fe3cecc219175ea85d7a95ed9e44349d94734bc7", GitTreeState:"clean", BuildDate:"2022-07-06T20:35:20Z", GoVersion:"go1.17.5", Compiler:"gc", Platform:"linux/amd64"}

• Kubernetes installer & version: k3s

• Cloud provider or hardware configuration: local vm

• OS (e.g. from /etc/os-release): Ubuntu 20.04.5 LTS

[hrudaya21]

@joseftschiggerlnts Can you please share the steps followed to generate the scenario.

[sinhaashish]

@joseftschiggerlnts can you please update , or else we will close this issue as there is no response.

[joseftschiggerlnts]

Good day, I found a suitable workaournd for me. This issue can be closed.