diff options
author | Steven Hardy <shardy@redhat.com> | 2017-09-04 13:53:04 +0100 |
---|---|---|
committer | Emilien Macchi <emilien@redhat.com> | 2017-09-05 15:23:48 +0000 |
commit | 41d599cb37fbc082a4869e32b520d7017085c4f7 (patch) | |
tree | 699ac5e76a621d93921c4cc10ff62977d8e03f74 /docker | |
parent | 9f408dbe8bc8371424ecb816877b1cfe62498f8d (diff) |
Set mode for ansible written files
Use a more restrictive mode for these files, as some may contain sensitive data
which shouldn't be world readable
Closes-Bug: #1714986
Change-Id: Ib1e79b1d4e25d6e329938402b1ca776bdab81bdd
(cherry picked from commit 94c7752cfae64d96124a32bc36ccd6ec7b4df4a7)
Diffstat (limited to 'docker')
-rwxr-xr-x | docker/docker-puppet.py | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py index 613adf10..0451ed51 100755 --- a/docker/docker-puppet.py +++ b/docker/docker-puppet.py @@ -366,6 +366,7 @@ for infile in infiles: outfile = os.path.join(os.path.dirname(infile), "hashed-" + os.path.basename(infile)) with open(outfile, 'w') as out_f: + os.chmod(out_f.name, 0600) json.dump(infile_data, out_f) if not success: |