Tighten file permissions of dispersion.conf

The dispersion.conf contains a password, and should be readable only by
the swift user/group. The tool swift-dispersion-report also needs to
read swift.conf, and that file has already a mode of 640 - thus it makes
sense to use the same mode for this file.

Change-Id: Ia6b3c807b3103983a2dd370aad95c709358f43cc
This commit is contained in:
Christian Schwede 2017-06-21 18:12:02 +02:00
parent 0e8c75e526
commit e8f765dcde
2 changed files with 3 additions and 1 deletions

View File

@ -89,6 +89,7 @@ class swift::dispersion (
ensure => file,
owner => 'swift',
group => 'swift',
mode => '0640',
}
swift_dispersion_config {

View File

@ -31,7 +31,8 @@ describe 'swift::dispersion' do
it { is_expected.to contain_file('/etc/swift/dispersion.conf').with(
:ensure => 'file',
:owner => 'swift',
:group => 'swift',)
:group => 'swift',
:mode => '0640',)
}
shared_examples 'swift::dispersion' do