yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #92870
[Bug 2018592] Re: Migration config containing secret should not be created in /tmp
** Changed in: nova
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/2018592
Title:
Migration config containing secret should not be created in /tmp
Status in OpenStack Compute (nova):
Fix Released
Bug description:
In nova->placement upgrade procedure document
(https://docs.openstack.org/placement/latest/admin/upgrade-to-
stein.html) /tmp/migrate-db.rc is an example location for migration
config. As this file contains secrets for both nova_api and placement
databases, it is insecure to keep in /tmp/ directory (as most of
admins will forget to shred and remove it). It should be changed from
/tmp/migrate-db.rc to f.e. /root/migrate-db.rc
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/2018592/+subscriptions