[Freeipa-devel] [PATCH 0034] Secure permissions of Custodia server.keys

Martin Basti mbasti at redhat.com
Tue Aug 9 11:53:29 UTC 2016



On 08.08.2016 16:09, Christian Heimes wrote:
> I have split up patch 0032 into two smaller patches. This patch only
> addresses the server.keys file.
>
> Custodia's server.keys file contains the private RSA keys for encrypting
> and signing Custodia messages. The file was created with permission 644
> and is only secured by permission 700 of the directory
> /etc/ipa/custodia. The installer and upgrader ensure that the file
> has 600.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1353936
> https://fedorahosted.org/freeipa/ticket/6056
>
>
Pylint is running, please wait ...
************* Module ipapython.secrets.kem
ipapython/secrets/kem.py:147: [E0602(undefined-variable), newServerKeys] Undefined variable 'os')
ipapython/secrets/kem.py:148: [E0602(undefined-variable), newServerKeys] Undefined variable 'os')
************* Module ipaserver.install.custodiainstance
ipaserver/install/custodiainstance.py:77: [E0602(undefined-variable), CustodiaInstance.upgrade_instance] Undefined variable 'stat')
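
The two behaviours described in the quoted message (create the key file with 600, and tighten an existing 644 file on upgrade), as an added example that is not taken from the patch or from FreeIPA. The function names, file names and key bytes are hypothetical and constructed for illustration; note that it imports both `os` and `stat`, the names pylint reports as undefined above.

```python
import os
import stat
import tempfile

KEY_MODE = 0o600  # owner read/write only, the mode named in the quoted message


def write_key_file(path, data):
    """Create the file with 0600 from the start, so it is never world-readable."""
    # O_EXCL refuses to reuse an existing file; the mode applies at creation time.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, KEY_MODE)
    with os.fdopen(fd, "wb") as f:
        # Explicit fchmod makes the result independent of the process umask.
        os.fchmod(f.fileno(), KEY_MODE)
        f.write(data)


def secure_existing(path):
    """Upgrade path: tighten a key file left with a wider mode.

    Returns True if the mode had to be changed, False if it was already 0600.
    """
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        raise ValueError("%s is not a regular file" % path)
    if stat.S_IMODE(st.st_mode) == KEY_MODE:
        return False
    os.chmod(path, KEY_MODE)
    return True


def demo():
    """Constructed scenario: one file created with 644, one created with 600."""
    placeholder = b"constructed placeholder, not a real key"
    with tempfile.TemporaryDirectory() as d:
        old = os.path.join(d, "old.keys")
        with open(old, "wb") as f:
            f.write(placeholder)
        os.chmod(old, 0o644)  # the state the message describes before the fix
        new = os.path.join(d, "new.keys")
        write_key_file(new, placeholder)
        changed = (secure_existing(old), secure_existing(new))
        modes = tuple(stat.S_IMODE(os.stat(p).st_mode) for p in (old, new))
        return changed, modes


if __name__ == "__main__":
    print(demo())
```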
