ACL mask added for cert_path

author Balint Varga <balint.varga@nokia.com>

Fri, 26 Jul 2019 07:19:28 +0000 (09:19 +0200)

committer Balint Varga <balint.varga@nokia.com>

Fri, 26 Jul 2019 07:26:55 +0000 (09:26 +0200)
author Balint Varga <balint.varga@nokia.com>
Fri, 26 Jul 2019 07:19:28 +0000 (09:19 +0200)
committer Balint Varga <balint.varga@nokia.com>
Fri, 26 Jul 2019 07:26:55 +0000 (09:26 +0200)
diff --git a/ansible/roles/cert/tasks/main.yml b/ansible/roles/cert/tasks/main.yml

index a23996c..0691b48 100644 (file)
--- a/ansible/roles/cert/tasks/main.yml
+++ b/ansible/roles/cert/tasks/main.yml
@@ -104,7 +104,7 @@
      mode: 0000
    when: not cert_path_register.stat.exists
  
-- name: adding default acl read to {{ users.admin_user_name }} to {{ cert_path }}/ca.epm
+- name: adding default acl read to {{ users.admin_user_name }} to {{ cert_path }}/ca.pem
    acl:
      name:  "{{ cert_path }}/ca.pem"
      entity: "{{ users.admin_user_name }}"
@@ -132,6 +132,14 @@
      state: present
    with_items: "{{ add_users | default([]) }}"
  
+- name: adding mask to the acl
+  acl:
+    name: "{{ cert_path }}"
+    etype: mask
+    permissions: "rx"
+    recursive: yes
+    state: present
+
  - name: create kubeconfig from cert
    include_role:
      name: kubeconfig
diff --git a/rpmbuild.spec b/rpmbuild.spec

index 56a927d..b9b37f3 100644 (file)
--- a/rpmbuild.spec
+++ b/rpmbuild.spec
@@ -15,7 +15,7 @@
  %define COMPONENT security
  %define RPM_NAME caas-%{COMPONENT}
  %define RPM_MAJOR_VERSION 1.0.0
-%define RPM_MINOR_VERSION 2
+%define RPM_MINOR_VERSION 3
  
  Name:           %{RPM_NAME}
  Version:        %{RPM_MAJOR_VERSION}
author	Balint Varga <balint.varga@nokia.com>
	Fri, 26 Jul 2019 07:19:28 +0000 (09:19 +0200)
committer	Balint Varga <balint.varga@nokia.com>
	Fri, 26 Jul 2019 07:26:55 +0000 (09:26 +0200)
ansible/roles/cert/tasks/main.yml		patch \| blob \| history
rpmbuild.spec		patch \| blob \| history