djdanielsson
commented
3 months ago I am trying to think of any scenario where this could break something
Closed dbk-rabel closed 3 months ago
djdanielsson
commented
3 months ago I am trying to think of any scenario where this could break something
dbk-rabel
commented
3 months ago I am trying to think of any scenario where this could break something
Well, theoretically someone could try to start setup.sh with a different user. So in theory it could break something.
But I guess thats very uncommon. If people use aap_setup_prepare, they probably also use aap_setup_install and will therefore probably use the same ansible user.
djdanielsson
commented
3 months ago yea I had a similar thought... how about this change it to 640 and we go with that? that way if someone wants to use a different user to deploy or something they could just add them to the same group and it should just work
dbk-rabel
commented
3 months ago yea I had a similar thought... how about this change it to 640 and we go with that? that way if someone wants to use a different user to deploy or something they could just add them to the same group and it should just work
Yes, that should also be fine. :)
The inventory file that aap_setup_prepare generates contains a lot of credentials, but has very unsafe permissions (664) at the moment.
This commit changes it to 600 permissions.
fixes #237