From 5ab9ed3c42781ae1911d253d56d67dc0288d55f7 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Mon, 28 Sep 2009 07:51:26 -0400
Subject: Tighten up permission.

SSSD may contain passwords and other sensitive data, make sure we always keep its
permission tight. Also make /etc/sssd permission very strict, just in case,
admins may inadvertently copy an sssd.conf file without checking it's
permissions.
---
 contrib/sssd.spec.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'contrib')

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 5dc45d28d..9513a6b6e 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -129,7 +129,7 @@ rm -rf $RPM_BUILD_ROOT
 %attr(755,root,root) %dir %{pipepath}
 %attr(700,root,root) %dir %{pipepath}/private
 %attr(750,root,root) %dir %{_var}/log/%{name}
-%dir %{_sysconfdir}/sssd
+%attr(700,root,root) %dir %{_sysconfdir}/sssd
 %config(noreplace) %{_sysconfdir}/sssd/sssd.conf
 %{_mandir}/man5/sssd.conf.5*
 %{_mandir}/man5/sssd-krb5.5*
-- 
cgit