MAAS

Merge ~andreserl/maas:lp1626940_fix_perms into maas:master

  1. Git
  2. lp:~andreserl/maas
  3. lp1626940_fix_perms
  4. Merge into master
Proposed by Andres Rodriguez
Status: Merged
Approved by: Andres Rodriguez
Approved revision: 54abba5f955465938b7f175db056a98aeaf3ad59
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~andreserl/maas:lp1626940_fix_perms
Merge into: maas:master
Diff against target: 113 lines (+28/-14)
2 files modified
src/provisioningserver/rpc/dhcp.py (+4/-2)
src/provisioningserver/rpc/tests/test_dhcp.py (+24/-12)
Reviewer Review Type Date Requested Status
Alberto Donato (community) Approve
MAAS Lander unittests Pending
Review via email: mp+345348@code.launchpad.net

Commit message

LP: #1626940 - Do not make dhcp config files world readable

To post a comment you must log in.
Revision history for this message
Alberto Donato (ack) wrote :

lgtm

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/provisioningserver/rpc/dhcp.py b/src/provisioningserver/rpc/dhcp.py
2index 4488669..fedaf3e 100644
3--- a/src/provisioningserver/rpc/dhcp.py
4+++ b/src/provisioningserver/rpc/dhcp.py
5@@ -154,10 +154,12 @@ def _write_config(server, state):
6 dhcpd_config, interfaces_config = state.get_config(server)
7 try:
8 sudo_write_file(
9- server.config_filename, dhcpd_config.encode("utf-8"))
10+ server.config_filename, dhcpd_config.encode("utf-8"),
11+ mode=0o640)
12 sudo_write_file(
13 server.interfaces_filename,
14- interfaces_config.encode("utf-8"))
15+ interfaces_config.encode("utf-8"),
16+ mode=0o640)
17 except ExternalProcessError as e:
18 # ExternalProcessError.__str__ contains a generic failure message
19 # as well as the command and its error output. On the other hand,
20diff --git a/src/provisioningserver/rpc/tests/test_dhcp.py b/src/provisioningserver/rpc/tests/test_dhcp.py
21index 58f160e..459e469 100644
22--- a/src/provisioningserver/rpc/tests/test_dhcp.py
23+++ b/src/provisioningserver/rpc/tests/test_dhcp.py
24@@ -574,10 +574,12 @@ class TestConfigureDHCP(MAASTestCase):
25 MockCallsMatch(
26 call(
27 self.server.config_filename,
28- expected_config.encode("utf-8")),
29+ expected_config.encode("utf-8"),
30+ mode=0o640),
31 call(
32 self.server.interfaces_filename,
33- interface["name"].encode("utf-8")),
34+ interface["name"].encode("utf-8"),
35+ mode=0o640),
36 ))
37 self.assertThat(on, MockCalledOnceWith())
38 self.assertThat(
39@@ -623,10 +625,12 @@ class TestConfigureDHCP(MAASTestCase):
40 MockCallsMatch(
41 call(
42 self.server.config_filename,
43- expected_config.encode("utf-8")),
44+ expected_config.encode("utf-8"),
45+ mode=0o640),
46 call(
47 self.server.interfaces_filename,
48- interface["name"].encode("utf-8")),
49+ interface["name"].encode("utf-8"),
50+ mode=0o640),
51 ))
52 self.assertThat(on, MockCalledOnceWith())
53 self.assertThat(
54@@ -673,10 +677,12 @@ class TestConfigureDHCP(MAASTestCase):
55 MockCallsMatch(
56 call(
57 self.server.config_filename,
58- expected_config.encode("utf-8")),
59+ expected_config.encode("utf-8"),
60+ mode=0o640),
61 call(
62 self.server.interfaces_filename,
63- interface["name"].encode("utf-8")),
64+ interface["name"].encode("utf-8"),
65+ mode=0o640),
66 ))
67 self.assertThat(on, MockCalledOnceWith())
68 self.assertThat(
69@@ -730,10 +736,12 @@ class TestConfigureDHCP(MAASTestCase):
70 MockCallsMatch(
71 call(
72 self.server.config_filename,
73- expected_config.encode("utf-8")),
74+ expected_config.encode("utf-8"),
75+ mode=0o640),
76 call(
77 self.server.interfaces_filename,
78- interface["name"].encode("utf-8")),
79+ interface["name"].encode("utf-8"),
80+ mode=0o640),
81 ))
82 self.assertThat(on, MockCalledOnceWith())
83 self.assertThat(
84@@ -801,10 +809,12 @@ class TestConfigureDHCP(MAASTestCase):
85 MockCallsMatch(
86 call(
87 self.server.config_filename,
88- expected_config.encode("utf-8")),
89+ expected_config.encode("utf-8"),
90+ mode=0o640),
91 call(
92 self.server.interfaces_filename,
93- interface["name"].encode("utf-8")),
94+ interface["name"].encode("utf-8"),
95+ mode=0o640),
96 ))
97 self.assertThat(on, MockCalledOnceWith())
98 self.assertThat(
99@@ -876,10 +886,12 @@ class TestConfigureDHCP(MAASTestCase):
100 MockCallsMatch(
101 call(
102 self.server.config_filename,
103- expected_config.encode("utf-8")),
104+ expected_config.encode("utf-8"),
105+ mode=0o640),
106 call(
107 self.server.interfaces_filename,
108- interface["name"].encode("utf-8")),
109+ interface["name"].encode("utf-8"),
110+ mode=0o640),
111 ))
112 self.assertThat(on, MockCalledOnceWith())
113 self.assertThat(

Subscribers

People subscribed via source and target branches