From fae1f96856871c8448e6751b652321b7a7b2d349 Mon Sep 17 00:00:00 2001 From: mmetc <92726601+mmetc@users.noreply.github.com> Date: Tue, 17 May 2022 12:50:18 +0200 Subject: [PATCH] install config.yaml with chmod 600 (#1518) --- debian/rules | 2 +- rpm/SPECS/crowdsec.spec | 2 +- wizard.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/rules b/debian/rules index 5b956ccd7..88e838f16 100755 --- a/debian/rules +++ b/debian/rules @@ -41,7 +41,7 @@ override_dh_auto_install: cp cmd/crowdsec/crowdsec debian/crowdsec/usr/bin cp cmd/crowdsec-cli/cscli debian/crowdsec/usr/bin cp wizard.sh debian/crowdsec/usr/share/crowdsec - cp config/config.yaml debian/crowdsec/etc/crowdsec/config.yaml + install -m 600 config/config.yaml debian/crowdsec/etc/crowdsec/config.yaml cp config/simulation.yaml debian/crowdsec/etc/crowdsec/simulation.yaml cp config/profiles.yaml debian/crowdsec/etc/crowdsec/profiles.yaml cp config/console.yaml debian/crowdsec/etc/crowdsec/console.yaml diff --git a/rpm/SPECS/crowdsec.spec b/rpm/SPECS/crowdsec.spec index 41c83a90b..ccd6da474 100644 --- a/rpm/SPECS/crowdsec.spec +++ b/rpm/SPECS/crowdsec.spec @@ -59,7 +59,7 @@ install -m 755 -D cmd/crowdsec-cli/cscli %{buildroot}%{_bindir}/cscli install -m 755 -D wizard.sh %{buildroot}/usr/share/crowdsec/wizard.sh install -m 644 -D config/crowdsec.service %{buildroot}%{_unitdir}/%{name}.service install -m 644 -D config/patterns/* -t %{buildroot}%{_sysconfdir}/crowdsec/patterns -install -m 644 -D config/config.yaml %{buildroot}%{_sysconfdir}/crowdsec +install -m 600 -D config/config.yaml %{buildroot}%{_sysconfdir}/crowdsec install -m 644 -D config/simulation.yaml %{buildroot}%{_sysconfdir}/crowdsec install -m 644 -D config/profiles.yaml %{buildroot}%{_sysconfdir}/crowdsec install -m 644 -D config/console.yaml %{buildroot}%{_sysconfdir}/crowdsec diff --git a/wizard.sh b/wizard.sh index 2293c25bc..9d8520e54 100755 --- a/wizard.sh +++ b/wizard.sh @@ -401,7 +401,7 @@ install_crowdsec() { ## end tmp - install -v -m 644 -D ./config/config.yaml "${CROWDSEC_CONFIG_PATH}" 1> /dev/null || exit + install -v -m 600 -D ./config/config.yaml "${CROWDSEC_CONFIG_PATH}" 1> /dev/null || exit install -v -m 644 -D ./config/dev.yaml "${CROWDSEC_CONFIG_PATH}" 1> /dev/null || exit install -v -m 644 -D ./config/user.yaml "${CROWDSEC_CONFIG_PATH}" 1> /dev/null || exit install -v -m 644 -D ./config/acquis.yaml "${CROWDSEC_CONFIG_PATH}" 1> /dev/null || exit