Closed sjpb closed 1 month ago
munged checks on startup that the path to its key is secure.
Because Rocky-9-GenericCloud-Base-9.4-20240523.0.x86_64.qcow2 changed the permissions on /etc this image fails with:
Rocky-9-GenericCloud-Base-9.4-20240523.0.x86_64.qcow2
/etc
munged: Error: Keyfile is insecure: group-writable permissions without sticky bit set on "/etc"
Permissions comparison:
# Rocky-9-GenericCloud-Base-9.3-20231113.0.x86_64.qcow2 [rocky@sb-rl9-3 ~]$ ls -ld /etc/ drwxr-xr-x. 93 root root 8192 Jun 5 14:54 /etc/ # Rocky-9-GenericCloud-Base-9.4-20240523.0.x86_64.qcow2 [rocky@sb-rl9-4 ~]$ ls -ld /etc/ drwxrwxr-x. 88 root root 8192 Jun 5 14:54 /etc/
@m-bull I've asked: https://forums.rockylinux.org/t/changed-permissions-on-etc-in-rl9-4-genericcloud-image/14449
munged checks on startup that the path to its key is secure.
Because
Rocky-9-GenericCloud-Base-9.4-20240523.0.x86_64.qcow2
changed the permissions on/etc
this image fails with:Permissions comparison: