launchpad-reviewers team mailing list archive

Thread
Date

[Merge] ~cjwatson/launchpad:charm-ftpmaster-rsync-secrets-permissions into launchpad:master

To: mp+454062@xxxxxxxxxxxxxxxxxx
From: Colin Watson <mp+454062@xxxxxxxxxxxxxxxxxx>
Date: Thu, 19 Oct 2023 16:36:22 -0000
Reply-to: mp+454062@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Colin Watson has proposed merging ~cjwatson/launchpad:charm-ftpmaster-rsync-secrets-permissions into launchpad:master.

Commit message:
charm: Fix permissions of rsync secrets file

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/454062

rsyncd.conf(5) says 'The file must normally not be readable by "other"'.  Fix permissions so that rsync will be prepared to read it.
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:charm-ftpmaster-rsync-secrets-permissions into launchpad:master.

diff --git a/charm/launchpad-ftpmaster-publisher/reactive/launchpad-ftpmaster-publisher.py b/charm/launchpad-ftpmaster-publisher/reactive/launchpad-ftpmaster-publisher.py
index 1ccd609..ccf2a10 100644
--- a/charm/launchpad-ftpmaster-publisher/reactive/launchpad-ftpmaster-publisher.py
+++ b/charm/launchpad-ftpmaster-publisher/reactive/launchpad-ftpmaster-publisher.py
@@ -66,7 +66,7 @@ def configure():
             "ftp.secrets.j2",
             rsync_secrets_path,
             config,
-            perms=0o644,
+            perms=0o640,
         )
         config["rsync_secrets_path"] = rsync_secrets_path
     elif os.path.exists("/etc/rsyncd/ftp.secrets"):