MAAS

Merge ~andreserl/maas:lp1626940_fix_perms_2.3 into maas:2.3

  1. Git
  2. lp:~andreserl/maas
  3. lp1626940_fix_perms_2.3
  4. Merge into 2.3
Proposed by Andres Rodriguez
Status: Merged
Approved by: Andres Rodriguez
Approved revision: 3be4619e4b5375f9ed03b39593f9c38f6fa6d55f
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~andreserl/maas:lp1626940_fix_perms_2.3
Merge into: maas:2.3
Diff against target: 113 lines (+28/-14)
2 files modified
src/provisioningserver/rpc/dhcp.py (+4/-2)
src/provisioningserver/rpc/tests/test_dhcp.py (+24/-12)
Reviewer Review Type Date Requested Status
Andres Rodriguez (community) Approve
Review via email: mp+345353@code.launchpad.net

Commit message

LP: #1626940 - Do not make dhcp config files world readable

Backport 71d137f from master

To post a comment you must log in.
Revision history for this message
Andres Rodriguez (andreserl) wrote :

selfie!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/provisioningserver/rpc/dhcp.py b/src/provisioningserver/rpc/dhcp.py
2index 4488669..fedaf3e 100644
3--- a/src/provisioningserver/rpc/dhcp.py
4+++ b/src/provisioningserver/rpc/dhcp.py
5@@ -154,10 +154,12 @@ def _write_config(server, state):
6 dhcpd_config, interfaces_config = state.get_config(server)
7 try:
8 sudo_write_file(
9- server.config_filename, dhcpd_config.encode("utf-8"))
10+ server.config_filename, dhcpd_config.encode("utf-8"),
11+ mode=0o640)
12 sudo_write_file(
13 server.interfaces_filename,
14- interfaces_config.encode("utf-8"))
15+ interfaces_config.encode("utf-8"),
16+ mode=0o640)
17 except ExternalProcessError as e:
18 # ExternalProcessError.__str__ contains a generic failure message
19 # as well as the command and its error output. On the other hand,
20diff --git a/src/provisioningserver/rpc/tests/test_dhcp.py b/src/provisioningserver/rpc/tests/test_dhcp.py
21index 58f160e..459e469 100644
22--- a/src/provisioningserver/rpc/tests/test_dhcp.py
23+++ b/src/provisioningserver/rpc/tests/test_dhcp.py
24@@ -574,10 +574,12 @@ class TestConfigureDHCP(MAASTestCase):
25 MockCallsMatch(
26 call(
27 self.server.config_filename,
28- expected_config.encode("utf-8")),
29+ expected_config.encode("utf-8"),
30+ mode=0o640),
31 call(
32 self.server.interfaces_filename,
33- interface["name"].encode("utf-8")),
34+ interface["name"].encode("utf-8"),
35+ mode=0o640),
36 ))
37 self.assertThat(on, MockCalledOnceWith())
38 self.assertThat(
39@@ -623,10 +625,12 @@ class TestConfigureDHCP(MAASTestCase):
40 MockCallsMatch(
41 call(
42 self.server.config_filename,
43- expected_config.encode("utf-8")),
44+ expected_config.encode("utf-8"),
45+ mode=0o640),
46 call(
47 self.server.interfaces_filename,
48- interface["name"].encode("utf-8")),
49+ interface["name"].encode("utf-8"),
50+ mode=0o640),
51 ))
52 self.assertThat(on, MockCalledOnceWith())
53 self.assertThat(
54@@ -673,10 +677,12 @@ class TestConfigureDHCP(MAASTestCase):
55 MockCallsMatch(
56 call(
57 self.server.config_filename,
58- expected_config.encode("utf-8")),
59+ expected_config.encode("utf-8"),
60+ mode=0o640),
61 call(
62 self.server.interfaces_filename,
63- interface["name"].encode("utf-8")),
64+ interface["name"].encode("utf-8"),
65+ mode=0o640),
66 ))
67 self.assertThat(on, MockCalledOnceWith())
68 self.assertThat(
69@@ -730,10 +736,12 @@ class TestConfigureDHCP(MAASTestCase):
70 MockCallsMatch(
71 call(
72 self.server.config_filename,
73- expected_config.encode("utf-8")),
74+ expected_config.encode("utf-8"),
75+ mode=0o640),
76 call(
77 self.server.interfaces_filename,
78- interface["name"].encode("utf-8")),
79+ interface["name"].encode("utf-8"),
80+ mode=0o640),
81 ))
82 self.assertThat(on, MockCalledOnceWith())
83 self.assertThat(
84@@ -801,10 +809,12 @@ class TestConfigureDHCP(MAASTestCase):
85 MockCallsMatch(
86 call(
87 self.server.config_filename,
88- expected_config.encode("utf-8")),
89+ expected_config.encode("utf-8"),
90+ mode=0o640),
91 call(
92 self.server.interfaces_filename,
93- interface["name"].encode("utf-8")),
94+ interface["name"].encode("utf-8"),
95+ mode=0o640),
96 ))
97 self.assertThat(on, MockCalledOnceWith())
98 self.assertThat(
99@@ -876,10 +886,12 @@ class TestConfigureDHCP(MAASTestCase):
100 MockCallsMatch(
101 call(
102 self.server.config_filename,
103- expected_config.encode("utf-8")),
104+ expected_config.encode("utf-8"),
105+ mode=0o640),
106 call(
107 self.server.interfaces_filename,
108- interface["name"].encode("utf-8")),
109+ interface["name"].encode("utf-8"),
110+ mode=0o640),
111 ))
112 self.assertThat(on, MockCalledOnceWith())
113 self.assertThat(

Subscribers

People subscribed via source and target branches