Default file permission for firewalld.conf is 644 not 640 (CentOS). Even if I think that "others" don't need to read that, it always shows up as file with non-default permissions from default rpm package in security scans. e.g. "rpm -Va |grep ^.M" or more salty way: "salt '*' pkg.verify" / salt '*' pkg.modified firewalld mode=True; manual fix e.g. rpm --setperms firewalld-*.el7.noarch · b1d6b52307 - firewalld-formula - Natrinicle

Преглед на файлове

Default file permission for firewalld.conf is 644 not 640 (CentOS). Even if I think that "others" don't need to read that, it always shows up as file with non-default permissions from default rpm package in security scans. e.g. "rpm -Va |grep ^.M" or more salty way: "salt '' pkg.verify" / salt '' pkg.modified firewalld mode=True; manual fix e.g. rpm --setperms firewalld-*.el7.noarch

tags/v0.6.2

Angelo Verona преди 7 години

родител

28a15e1707

ревизия

b1d6b52307

променени са 1 файла, в които са добавени 1 реда и са изтрити 1 реда

Разделен изглед Покажи статистика за разликите

							
								+ 1
								
								- 1
							
firewalld/config.slsЦелия файл
								
			@@ -18,7 +18,7 @@ config_firewalld:
		
			    - name: /etc/firewalld/firewalld.conf
		
			    - user: root
		
			    - group: root
		
			    - mode: 640
		
			    - mode: 644
		
			    - source: salt://firewalld/files/firewalld.conf
		
			    - template: jinja
		
			    - require: