Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Josh Cooper updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: Josh Cooper Fix Version/s: PUP 4.2.3 Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Josh Cooper updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: Josh Cooper Release Notes Summary: Previously, puppet generated a CA private key (Puppet[:cacert]) that was initially world readable. Note restarting the puppet master (webrick, passenger, puppetserver or executing the `puppet cert generate` command would automatically remediate the issue, so the issue was limited to the time between when puppet was installed/started and when it was restarted.This change ensure puppets creates the CA private key with mode 640 to start with.Note the private host key (Puppet[:hostprivkey]) had the same issue, but the parent directory was not world executable/traversable, so it wasn't a security issue. This change does fix the host private key so it has mode 640 to start with. Release Notes: Security Fix Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title William Hopper commented on PUP-5274 Re: Puppet cert generate leaves ca_key as 644 on first run Merged up to stable at https://github.com/puppetlabs/puppet/commit/dd656211ba95171793018cd854611925cc51132e and master at https://github.com/puppetlabs/puppet/commit/346c3c1a2ebf91485a4836ddf824ad98911faa87. Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Kylo Ginsberg commented on PUP-5274 Re: Puppet cert generate leaves ca_key as 644 on first run Yes, please merge 3.x -> stable, and stable -> master. Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title William Hopper commented on PUP-5274 Re: Puppet cert generate leaves ca_key as 644 on first run This was merged into 3.x at https://github.com/puppetlabs/puppet/commit/d8d424ddadf82735cfca0b36b8922b396de0f8f2. Now I assume we need to merge it up into stable/master? /cc Kylo Ginsberg Josh Cooper Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title John Duarte updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: John Duarte Comment: Adding acceptance test for this in [PR-4332|https://github.com/puppetlabs/puppet/pull/4332] and moving back to ready for merge. Once the test is in place, then CI should validate the mode of the ca cert. Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title John Duarte commented on PUP-5274 Re: Puppet cert generate leaves ca_key as 644 on first run Adding acceptance test for this in PR-4332 and moving back to ready for merge. Once the test is in place, then CI should validate the mode of the ca cert. Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title John Duarte updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: John Duarte QA Risk Assessment Reason: Escaped security bug Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title John Duarte assigned an issue to John Duarte Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: John Duarte Assignee: qa John Duarte Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title John Duarte updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: John Duarte QA Risk Assessment: High Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title John Duarte updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: John Duarte QA Status: Reviewed Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Sean Griffin assigned an issue to qa Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: Sean Griffin Status: Ready for CI Test Assignee: qa Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title William Hopper assigned an issue to Unassigned Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: William Hopper Assignee: William Hopper Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title William Hopper assigned an issue to William Hopper Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: William Hopper Assignee: William Hopper Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Josh Cooper assigned an issue to Josh Cooper Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: Josh Cooper Assignee: Josh Cooper Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Steve Barlow updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: Steve Barlow Sprint: Client 2015-09-30 , Client 2015-10-14 Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Eric Sorenson commented on PUP-5274 Re: Puppet cert generate leaves ca_key as 644 on first run Sent, note this ticket is now public. Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-5274) Puppet cert generate leaves ca_key as 644 on first run
Title: Message Title Eric Sorenson updated an issue Puppet / PUP-5274 Puppet cert generate leaves ca_key as 644 on first run Change By: Eric Sorenson Security: Internal Add Comment This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
