diff options
author | Todd Zullinger <tmz@pobox.com> | 2012-01-28 11:15:16 -0500 |
---|---|---|
committer | Todd Zullinger <tmz@pobox.com> | 2012-01-28 11:27:24 -0500 |
commit | d794a9d9827ffe9f4ed1163f328950512d7de542 (patch) | |
tree | ce560ac76ea70f6005d4aed253796897c7586723 | |
parent | e7a6988fdd8e1fea1e2994f04d84909ec92576dd (diff) | |
download | puppet-host-package-d794a9d9827ffe9f4ed1163f328950512d7de542.tar.gz puppet-host-package-d794a9d9827ffe9f4ed1163f328950512d7de542.tar.xz puppet-host-package-d794a9d9827ffe9f4ed1163f328950512d7de542.zip |
Tighten perms on ca dir to match puppet defaults
-rw-r--r-- | template.spec | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/template.spec b/template.spec index 25408d2..6a0d1f1 100644 --- a/template.spec +++ b/template.spec @@ -37,6 +37,7 @@ cp -a * %{buildroot}%{ssldir} # set modes - puppet resets these on each run, so there's no point in trying to # tighten them up. :/ chmod 0771 %{buildroot}%{ssldir} +chmod 0770 %{buildroot}%{ssldir}/ca chmod 0750 %{buildroot}%{ssldir}/private* chmod 0600 %{buildroot}%{ssldir}/private_keys/%{hostname}.pem @@ -54,6 +55,7 @@ rm -rf %{buildroot} * Sat Jan 28 2012 Todd Zullinger <tmz@pobox.com> - Replace %%define with %%global - Use %%{puppetuser} for ownership of %%{ssldir} +- Tighten perms on ca dir to match puppet defaults * Thu Nov 20 2008 Todd Zullinger <tmz@pobox.com> - Initial template for puppet host package |