Fix authorized_keys file permissions

Explicitly set the file permissions to be 0600

Fixes LP# 1107908

Change-Id: Ife44deff41959180d31e7e88c29233e9b8cb0af2

2 files changed, 3 insertions, 2 deletions

diff --git a/nova/tests/test_virt_disk.py b/nova/tests/test_virt_disk.py
index e6a57e085..0c51e8267 100644
--- a/nova/tests/test_virt_disk.py
+++ b/nova/tests/test_virt_disk.py
@@ -67,7 +67,7 @@ class VirtDiskTest(test.TestCase):
                                       "key was injected by Nova\nmysshkey\n",
                            'gid': 100,
                            'uid': 100,
-                           'mode': 0700})
+                           'mode': 0600})
 
         vfs.teardown()
 
@@ -101,7 +101,7 @@ class VirtDiskTest(test.TestCase):
                                       "key was injected by Nova\nmysshkey\n",
                            'gid': 100,
                            'uid': 100,
-                           'mode': 0700})
+                           'mode': 0600})
 
         vfs.teardown()
 
diff --git a/nova/virt/disk/api.py b/nova/virt/disk/api.py
index 3d7d0f516..304781a64 100644
--- a/nova/virt/disk/api.py
+++ b/nova/virt/disk/api.py
@@ -443,6 +443,7 @@ def _inject_key_into_fs(key, fs):
     ])
 
     _inject_file_into_fs(fs, keyfile, key_data, append=True)
+    fs.set_permissions(keyfile, 0600)
 
     _setup_selinux_for_keys(fs, sshdir)