From be9614654ee8232323a19ec56e551c4f66e6cc72 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tbabej@redhat.com>
Date: Mon, 6 Aug 2012 08:57:14 -0400
Subject: Permissions of replica files changed to 0600.

File system permissions on replica files in /var/lib/ipa were
changed to 0600.

https://fedorahosted.org/freeipa/ticket/2847
---
 install/tools/ipa-replica-prepare | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'install/tools/ipa-replica-prepare')

diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare
index 3b6911288..19360fdf2 100755
--- a/install/tools/ipa-replica-prepare
+++ b/install/tools/ipa-replica-prepare
@@ -422,7 +422,9 @@ def main():
 
     print "Packaging replica information into %s" % encfile
     ipautil.run(["/bin/tar", "cf", replicafile, "-C", top_dir, "realm_info"])
-    ipautil.encrypt_file(replicafile, encfile, dirman_password, top_dir);
+    ipautil.encrypt_file(replicafile, encfile, dirman_password, top_dir)
+
+    os.chmod(encfile, 0600)
 
     remove_file(replicafile)
     shutil.rmtree(dir)
-- 
cgit