saltstack-formulas/salt-formula
Template
2
0
Fork 0
Code Releases Activity

Enforced root-only permissions on cloud.providers.d.

Browse Source 
As mentioned in issue #118, provider files may contain passwords
or API keys and should be restricted. Profiles/maps are probably
OK with the defaults.
This commit is contained in:
Andrew Vant 2015-04-06 11:24:41 -04:00
parent f3ed6e1828
commit f0e9c2df87
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
salt/cloud.sls
View File

@ -56,9 +56,17 @@ salt-cloud-{{ dir }}:
- name: /etc/salt/cloud.{{ dir }}.d
- source: {{ source }}
- template: jinja
- user: root
- group: root
- dir_mode: 755
- file_mode: 644
- makedirs: True
{%- endfor %}
salt-cloud-providers-permissions:
file.directory:
- name: /etc/salt/cloud.providers.d
- user: root
- group: root
- file_mode: 600
- dir_mode: 700
- recurse:
- user
- group
- mode