From d794a9d9827ffe9f4ed1163f328950512d7de542 Mon Sep 17 00:00:00 2001
From: Todd Zullinger <tmz@pobox.com>
Date: Sat, 28 Jan 2012 11:15:16 -0500
Subject: Tighten perms on ca dir to match puppet defaults

---
 template.spec | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/template.spec b/template.spec
index 25408d2..6a0d1f1 100644
--- a/template.spec
+++ b/template.spec
@@ -37,6 +37,7 @@ cp -a * %{buildroot}%{ssldir}
 # set modes - puppet resets these on each run, so there's no point in trying to
 # tighten them up. :/
 chmod 0771 %{buildroot}%{ssldir}
+chmod 0770 %{buildroot}%{ssldir}/ca
 chmod 0750 %{buildroot}%{ssldir}/private*
 chmod 0600 %{buildroot}%{ssldir}/private_keys/%{hostname}.pem
 
@@ -54,6 +55,7 @@ rm -rf %{buildroot}
 * Sat Jan 28 2012 Todd Zullinger <tmz@pobox.com>
 - Replace %%define with %%global
 - Use %%{puppetuser} for ownership of %%{ssldir}
+- Tighten perms on ca dir to match puppet defaults
 
 * Thu Nov 20 2008 Todd Zullinger <tmz@pobox.com>
 - Initial template for puppet host package
-- 
cgit