[Freeipa-devel] [PATCH 0034] Secure permissions of Custodia server.keys
Petr Vobornik
pvoborni at redhat.com
Tue Aug 23 10:49:46 UTC 2016
On 08/09/2016 01:53 PM, Martin Basti wrote:
>
>
> On 08.08.2016 16:09, Christian Heimes wrote:
>> I have split up patch 0032 into two smaller patches. This patch only
>> addresses the server.keys file.
>>
>> Custodia's server.keys file contain the private RSA keys for encrypting
>> and signing Custodia messages. The file was created with permission 644
>> and is only secured by permission 700 of the directory
>> /etc/ipa/custodia. The installer and upgrader ensure that the file
>> has 600.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=1353936
>> https://fedorahosted.org/freeipa/ticket/6056
>>
>>
> Pylint is running, please wait ...
> ************* Module ipapython.secrets.kem
> ipapython/secrets/kem.py:147: [E0602(undefined-variable), newServerKeys]
> Undefined variable 'os')
> ipapython/secrets/kem.py:148: [E0602(undefined-variable), newServerKeys]
> Undefined variable 'os')
> ************* Module ipaserver.install.custodiainstance
> ipaserver/install/custodiainstance.py:77: [E0602(undefined-variable),
> CustodiaInstance.upgrade_instance] Undefined variable 'stat')
>
>
>
this review looks stuck
--
Petr Vobornik
More information about the Freeipa-devel
mailing list