Merge pull request #1547 from sdodson/cert-perms

Lock down generated certs dir
author: Brenton Leanhardt <bleanhar@redhat.com> 2016-03-07 09:32:24 -0500
committer: Brenton Leanhardt <bleanhar@redhat.com> 2016-03-07 09:32:24 -0500
commit: 84840dda51aaff56c26fce6cbdc06cbac5b35637 (patch)
tree: c4b909627d2d9ecdd146fdd727e093b21701478c /roles/openshift_node_certificates
parent: faacbce80c0946be1451b1f2593c1f55dd64c133 (diff)
parent: f59c8931c3dd13f143570dee54bca6b5d63023fd (diff)
download: openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.tar.gz
openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.tar.bz2
openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.tar.xz
openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/openshift_node_certificates/tasks/main.yml b/roles/openshift_node_certificates/tasks/main.yml
index b54811414..c9a7a40c8 100644
--- a/roles/openshift_node_certificates/tasks/main.yml
+++ b/roles/openshift_node_certificates/tasks/main.yml
@@ -3,6 +3,7 @@
   file:
     path: "{{ openshift_generated_configs_dir }}"
     state: directory
+    mode: 0700
   when: nodes_needing_certs | length > 0
 
 - name: Generate the node client config
author	Brenton Leanhardt <bleanhar@redhat.com>	2016-03-07 09:32:24 -0500
committer	Brenton Leanhardt <bleanhar@redhat.com>	2016-03-07 09:32:24 -0500
commit	84840dda51aaff56c26fce6cbdc06cbac5b35637 (patch)
tree	c4b909627d2d9ecdd146fdd727e093b21701478c /roles/openshift_node_certificates
parent	faacbce80c0946be1451b1f2593c1f55dd64c133 (diff)
parent	f59c8931c3dd13f143570dee54bca6b5d63023fd (diff)
download	openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.tar.gz openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.tar.bz2 openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.tar.xz openshift-84840dda51aaff56c26fce6cbdc06cbac5b35637.zip