Project

General

Profile

Actions

Bug #16136

closed

On relays /var/rudder/share files are not executable for group

Added by Félix DALLIDET about 5 years ago. Updated almost 5 years ago.

Status:
Released
Priority:
N/A
Category:
Relay server or API
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
Reviewed
Fix check:
Checked
Regression:

Description

Does not matter for Linux nodes since the agent run as root. For windows nodes, it is apache which does the policy distirbution.
The perms are:

sles-12-64:/var/rudder # ls -l /var/rudder/share
total 0
drwx--S--- 1 root rudder-policy-reader 10  6 nov.  12:35 25af38fb-808a-4173-8df3-439143d78f47

Which prevents the group to execute the files --> i.e. traverse directories.
We should instead chmod 2770 on the files here.


Subtasks 1 (0 open1 closed)

Bug #16139: Files distributed via apache but download by the agent on relays have the wrong permissionsReleasedNicolas CHARLESActions

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #16907: Slow permissions change of /var/rudder/share during upgradeReleasedNicolas CHARLESActions
Actions

Also available in: Atom PDF