Merge "Enforce 0600 permissions on an existing SSH private key file."

2020-01-14 20:32:24 +00:00 · 2020-01-14 20:32:24 +00:00 · 9f569d58be
parent 952be514a1 bbca58f2dd
commit 9f569d58be
1 changed files with 1 additions and 0 deletions
--- a/tripleo_common/actions/ansible.py
+++ b/tripleo_common/actions/ansible.py
@ -276,6 +276,7 @@ class AnsiblePlaybookAction(base.TripleOAction):
        # NOTE(flaper87): if it's a path, use it
        if (isinstance(self._ssh_private_key, six.string_types) and
                os.path.exists(self._ssh_private_key)):
+            os.chmod(self._ssh_private_key, 0o600)
            return self._ssh_private_key

        path = os.path.join(self.work_dir, 'ssh_private_key')