[Bug 1859422] Re: security: default ownership and permissions
for panko ^ ** Description changed: + [Impact] Package should security directories and files as below: chown :adm /var/log/ chmod 0750 /var/log/ find /etc/ -exec chown root: "{}" + find /etc/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + # Optional rootwrap.d configuration files. find /etc//rootwrap.d -exec chown root:root "{}" + find /etc//rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" + - find /var/lib/ -exec chown : "{}" + - find /var/lib/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + + find /var/lib/ -exec chown : "{}" + + find /var/lib/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + For keystone, /etc/ files/directories should be owned by keystone:keystone: https://docs.openstack.org/security- guide/identity/checklist.html + + [Test Case] + Regression testing via juju deployed openstack + tempest or autopkgtests for uncharmed projects. + + [Regression Potential] + Low, the same pattern has been used across all affected openstack packages. The changes landed in focal-proposed packages earlier in the cycle for OpenStack and has received a lot of testing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
autopkgtests are passing on the latest version uploaded to focal- proposed, which serves as verification that this bug is fixed: http://autopkgtest.ubuntu.com/packages/p/panko/focal/amd64 ** Tags added: verification-done verification-done-focal ** Also affects: nova (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: swift (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: glance (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: keystone (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: cinder (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: heat (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: designate (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: openstack-trove (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: ironic (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: manila (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: python-glance-store (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: barbican (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: murano-agent (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: murano (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: sahara (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: aodh (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: ironic-inspector (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: zaqar (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: mistral (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: magnum (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: gnocchi (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: senlin (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: watcher (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: placement (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: octavia (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: zvmcloudconnector (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: masakari (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: masakari-monitors (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: placement (Ubuntu Focal) Status: New => Fix Committed ** No longer affects: aodh (Ubuntu Focal) ** No longer affects: barbican (Ubuntu Focal) ** No longer affects: cinder (Ubuntu Focal) ** No longer affects: glance (Ubuntu Focal) ** No longer affects: designate (Ubuntu Focal) ** No longer affects: gnocchi (Ubuntu Focal) ** No longer affects: heat (Ubuntu Focal) ** No longer affects: ironic (Ubuntu Focal) ** No longer affects: ironic-inspector (Ubuntu Focal) ** No longer affects: keystone (Ubuntu Focal) ** No longer affects: magnum (Ubuntu Focal) ** No longer affects: manila (Ubuntu Focal) ** No longer affects: masakari (Ubuntu Focal) ** No longer affects: masakari-monitors (Ubuntu Focal) ** No longer affects: mistral (Ubuntu Focal) ** No longer affects: murano-agent (Ubuntu Focal) ** No longer affects: murano (Ubuntu Focal) ** No longer affects: neutron (Ubuntu Focal) ** No longer affects: nova (Ubuntu Focal) ** No longer affects: octavia (Ubuntu Focal) ** No longer affects: openstack-trove (Ubuntu Focal) ** No longer affects: python-glance-store (Ubuntu Focal) ** No longer affects: senlin (Ubuntu Focal) ** No longer affects: swift (Ubuntu Focal) ** No longer affects: sahara (Ubuntu Focal) ** No longer affects: watcher (Ubuntu Focal) ** No longer affects: zaqar (Ubuntu Focal) ** No longer affects: zvmcloudconnector (Ubuntu Focal) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package nova - 2:21.0.0~b3~git2020041013 .57ff308d6d-0ubuntu2 --- nova (2:21.0.0~b3~git2020041013.57ff308d6d-0ubuntu2) focal; urgency=medium * d/tests/nova-daemons: Skip validation that nova-scheduler is running; this serivce requires configuration of both keystone and the placement service which is beyond the scope of a single unit autopkgtest. * d/tests/control: Install nova-spiceproxy instead of nova-novncproxy during testing as SPICE is the console option supported in Ubuntu main. -- James Page Fri, 17 Apr 2020 09:48:19 +0100 ** Changed in: nova (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Description changed: Package should security directories and files as below: chown :adm /var/log/ chmod 0750 /var/log/ find /etc/ -exec chown root: "{}" + find /etc/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + # Optional rootwrap.d configuration files. find /etc//rootwrap.d -exec chown root:root "{}" + find /etc//rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" + - chown : /var/lib/ - chmod 0750 /var/lib/ + find /var/lib/ -exec chown : "{}" + + find /var/lib/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + For keystone, /etc/ files/directories should be owned by keystone:keystone: https://docs.openstack.org/security- guide/identity/checklist.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package ironic-inspector - 1:10.0.1~git2020032711.4eefb42-0ubuntu1 --- ironic-inspector (1:10.0.1~git2020032711.4eefb42-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/ironic-inspector-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Fri, 27 Mar 2020 11:29:18 -0400 ** Changed in: ironic-inspector (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package murano-agent - 1:5.0.0~b1~git2019121815.2b2cc45-0ubuntu5 --- murano-agent (1:5.0.0~b1~git2019121815.2b2cc45-0ubuntu5) focal; urgency=medium * d/murano-agent.logrotate, d/murano-agent.init.in: Switch from /var/log/murano to /var/log/murano-agent. -- Corey Bryant Wed, 01 Apr 2020 16:50:10 -0400 ** Changed in: murano-agent (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package octavia - 6.0.0~b3~git2020032609.73fca169-0ubuntu1 --- octavia (6.0.0~b3~git2020032609.73fca169-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/octavia-common.postinst: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). * d/rules: Blacklist failing unit tests due to odd Mock behaviour under Python 3.8. -- James Page Tue, 31 Mar 2020 13:14:50 +0100 ** Changed in: octavia (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package glance - 2:20.0.0~b3~git2020032414 .30ece7aa-0ubuntu2 --- glance (2:20.0.0~b3~git2020032414.30ece7aa-0ubuntu2) focal; urgency=medium * d/tests/test-shebang.py: Dropped. No longer used. * d/p/monkey-patch-original-current-thread-active.patch: Cherry-picked from https://review.opendev.org/#/c/716058/. This fixes glance service failures that autopkgtests are hitting with Python 3.8 (LP: #1863021). -- Corey Bryant Mon, 30 Mar 2020 14:41:49 -0400 ** Changed in: glance (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package cinder - 2:16.0.0~b3~git2020032414.a0c0a9e23-0ubuntu1 --- cinder (2:16.0.0~b3~git2020032414.a0c0a9e23-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/cinder-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Tue, 24 Mar 2020 14:47:42 -0400 ** Changed in: cinder (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package zvmcloudconnector - 2.0.0~b1~git2019062011.4fc9142.really.1.4.1-0ubuntu3 --- zvmcloudconnector (2.0.0~b1~git2019062011.4fc9142.really.1.4.1-0ubuntu3) focal; urgency=medium * d/zvmcloudconnector-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). * d/rules, d/compat, d/control: Switch to debhelper compat level 12 and pybuild. -- Corey Bryant Fri, 27 Mar 2020 14:16:07 -0400 ** Changed in: zvmcloudconnector (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package swift - 2.24.1~git2020032711 .712bf3c9f-0ubuntu2 --- swift (2.24.1~git2020032711.712bf3c9f-0ubuntu2) focal; urgency=medium * d/control, d/rules: Move installation of /etc/swift/ files to python3-swift package. -- Corey Bryant Mon, 30 Mar 2020 08:26:09 -0400 ** Changed in: swift (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package gnocchi - 4.3.4-0ubuntu5 --- gnocchi (4.3.4-0ubuntu5) focal; urgency=medium * d/gnocchi-common.postinst.in: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). -- James Page Fri, 27 Mar 2020 16:13:20 + ** Changed in: gnocchi (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package magnum - 10.0.0~b3~git2020032617.ce70da25-0ubuntu1 --- magnum (10.0.0~b3~git2020032617.ce70da25-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/magnum-common.postinst.in: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Thu, 26 Mar 2020 17:03:20 -0400 ** Changed in: magnum (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: zvmcloudconnector (Ubuntu) Importance: Undecided Status: New ** Changed in: zvmcloudconnector (Ubuntu) Importance: Undecided => Medium ** Changed in: zvmcloudconnector (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package masakari - 9.0.0~b3~git2020032617.953e1d8-0ubuntu1 --- masakari (9.0.0~b3~git2020032617.953e1d8-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/masakari-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). * d/p/drop-sqla-utils.patch: Dropped. No longer needed. * d/p/python3.8-compat.patch: Rebased. -- Corey Bryant Thu, 26 Mar 2020 17:04:07 -0400 ** Changed in: masakari (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: ironic-inspector (Ubuntu) Importance: Undecided Status: New ** Changed in: ironic-inspector (Ubuntu) Importance: Undecided => Medium ** Changed in: ironic-inspector (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: magnum (Ubuntu) Importance: Undecided Status: New ** Changed in: magnum (Ubuntu) Importance: Undecided => Medium ** Changed in: magnum (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package python-glance-store - 1.1.0-0ubuntu3 --- python-glance-store (1.1.0-0ubuntu3) focal; urgency=medium * d/python3-glance-store.install: Fix installation of /etc/glance. * d/python3-glance-store.postinst: Added since glance-store installs to /etc/glance/rootwrap.d. Set default ownership and permissions for /etc/ (LP: #1859422). -- Corey Bryant Thu, 26 Mar 2020 09:33:55 -0400 ** Changed in: python-glance-store (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package murano - 1:9.0.0~b2~git2020020609 .25ebd01d-0ubuntu2 --- murano (1:9.0.0~b2~git2020020609.25ebd01d-0ubuntu2) focal; urgency=medium * d/murano-common.postinst.in: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Thu, 26 Mar 2020 14:43:49 -0400 ** Changed in: manila (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package manila - 1:10.0.0~b3~git2020032516.cb016333-0ubuntu1 --- manila (1:10.0.0~b3~git2020032516.cb016333-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/manila-common.postinst.in: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Wed, 25 Mar 2020 16:14:52 -0400 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package mistral - 10.0.0~b3~git2020032611 .8a5d35ac-0ubuntu1 --- mistral (10.0.0~b3~git2020032611.8a5d35ac-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/mistral-common.postinst.in: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). * d/p/skip-test.patch: Dropped. No longer needed. -- Corey Bryant Thu, 26 Mar 2020 11:34:22 -0400 ** Changed in: mistral (Ubuntu) Status: Triaged => Fix Released ** Changed in: murano (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package masakari-monitors - 9.0.0~b3~git2020032614.8711c07-0ubuntu1 --- masakari-monitors (9.0.0~b3~git2020032614.8711c07-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/masakari-monitors-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Thu, 26 Mar 2020 14:31:03 -0400 ** Changed in: masakari-monitors (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package sahara - 1:12.0.0~b3~git2020032616 .0825bdde-0ubuntu1 --- sahara (1:12.0.0~b3~git2020032616.0825bdde-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/sahara-common.postinst.in: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). -- James Page Thu, 26 Mar 2020 16:50:12 + ** Changed in: sahara (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: masakari-monitors (Ubuntu) Importance: Undecided Status: New ** Changed in: masakari-monitors (Ubuntu) Importance: Undecided => Medium ** Changed in: masakari-monitors (Ubuntu) Status: New => Triaged ** Also affects: murano (Ubuntu) Importance: Undecided Status: New ** Changed in: murano (Ubuntu) Importance: Undecided => Medium ** Changed in: murano (Ubuntu) Status: New => Triaged ** Also affects: murano-agent (Ubuntu) Importance: Undecided Status: New ** Changed in: murano-agent (Ubuntu) Importance: Undecided => Medium ** Changed in: murano-agent (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package zaqar - 10.0.0~b3~git2020032614.22c457a5-0ubuntu1 --- zaqar (10.0.0~b3~git2020032614.22c457a5-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/zaqar-common.postinst: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). -- James Page Thu, 26 Mar 2020 14:43:20 + ** Changed in: zaqar (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package barbican - 1:10.0.0~b2~git2020020508.7b14d983-0ubuntu2 --- barbican (1:10.0.0~b2~git2020020508.7b14d983-0ubuntu2) focal; urgency=medium * d/barbican-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Wed, 25 Mar 2020 14:53:42 -0400 ** Changed in: barbican (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package watcher - 1:4.0.0~b3~git2020032633.c17e96d3-0ubuntu1 --- watcher (1:4.0.0~b3~git2020032633.c17e96d3-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/watcher-common.postinst: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). -- James Page Thu, 26 Mar 2020 13:00:37 + ** Changed in: watcher (Ubuntu) Status: Triaged => Fix Released ** Changed in: designate (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package designate - 1:10.0.0~b3~git2020032414.dd359ba3-0ubuntu1 --- designate (1:10.0.0~b3~git2020032414.dd359ba3-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/p/skip-test.patch: Dropped. No longer needed (LP: #1863936). * d/designate-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Tue, 24 Mar 2020 14:48:35 -0400 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Description changed: Package should security directories and files as below: chown :adm /var/log/ chmod 0750 /var/log/ find /etc/ -exec chown root: "{}" + find /etc/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + # Optional rootwrap.d configuration files. find /etc//rootwrap.d -exec chown root:root "{}" + find /etc//rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" + chown : /var/lib/ chmod 0750 /var/lib/ + + For keystone, /etc/ files/directories should be owned by + keystone:keystone: https://docs.openstack.org/security- + guide/identity/checklist.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: zaqar (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package openstack-trove - 1:13.0.0~b3~git2020032626.3cdcfac3-0ubuntu1 --- openstack-trove (1:13.0.0~b3~git2020032626.3cdcfac3-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/p/*: Refresh. * d/*: wrap-and-sort -bast. * d/trove-common.postinst.in: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). -- James Page Thu, 26 Mar 2020 12:27:54 + -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package placement - 3.0.0~b3~git2020032615.971c7aa7-0ubuntu1 --- placement (3.0.0~b3~git2020032615.971c7aa7-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/placement.postinst: Refactor to standardise /etc, /var/lib and /var/log ownership and permissions (LP: #1859422). -- James Page Thu, 26 Mar 2020 12:31:21 + ** Changed in: placement (Ubuntu) Status: Triaged => Fix Released ** Changed in: openstack-trove (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: python-glance-store (Ubuntu) Importance: Undecided Status: New ** Changed in: python-glance-store (Ubuntu) Importance: Undecided => Medium ** Changed in: python-glance-store (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** No longer affects: python-glance-store (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: zaqar (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package heat - 1:14.0.0~b3~git2020032414.d8354d908-0ubuntu1 --- heat (1:14.0.0~b3~git2020032414.d8354d908-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/heat-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Tue, 24 Mar 2020 14:51:59 -0400 ** Changed in: heat (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Also affects: python-glance-store (Ubuntu) Importance: Undecided Status: New ** Changed in: python-glance-store (Ubuntu) Status: New => Triaged ** Changed in: python-glance-store (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package aodh - 10.0.0~b3~git2020032411.ed802044-0ubuntu1 --- aodh (10.0.0~b3~git2020032411.ed802044-0ubuntu1) focal; urgency=medium * d/aodh-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). * New upstream snapshot for OpenStack Ussuri. -- Corey Bryant Tue, 24 Mar 2020 11:48:22 -0400 ** Changed in: aodh (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package keystone - 2:17.0.0~b3~git2020032415.9f9040257-0ubuntu1 --- keystone (2:17.0.0~b3~git2020032415.9f9040257-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/p/add-version-info.patch: Rebased. * d/keystone*.{pre*|post*}: Consolidate and move to keystone-common.postinst, do work when called with configure (aligns with other openstack packages), and set default ownership/permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Tue, 24 Mar 2020 15:02:12 -0400 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package ironic - 1:14.0.1~git2020032415 .de2d907fc-0ubuntu1 --- ironic (1:14.0.1~git2020032415.de2d907fc-0ubuntu1) focal; urgency=medium * New upstream snapshot for OpenStack Ussuri. * d/control: Align (Build-)Depends with upstream. * d/ironic-common.postinst: Set default ownership and permissions for /etc/, /var/lib/, and /var/log/ (LP: #1859422). -- Corey Bryant Tue, 24 Mar 2020 15:12:51 -0400 ** Changed in: ironic (Ubuntu) Status: Triaged => Fix Released ** Changed in: keystone (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
This bug was fixed in the package neutron - 2:16.0.0~b3~git2020032420 .a0e1b5804e-0ubuntu2 --- neutron (2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu2) focal; urgency=medium * d/neutron-common.postinst: Refactor for standardised permissions for /etc, /var/log and /var/lib (LP: #1859422). -- James Page Wed, 25 Mar 2020 15:12:36 + ** Changed in: neutron (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
** Description changed: Package should security directories and files as below: chown :adm /var/log/ chmod 0750 /var/log/ find /etc/ -exec chown root: "{}" + find /etc/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + # Optional rootwrap.d configuration files. find /etc//rootwrap.d -exec chmod root:root "{}" + find /etc//rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" + chown : /var/lib/ - chown 0750 /var/lib/ + chmod 0750 /var/lib/ ** Description changed: Package should security directories and files as below: chown :adm /var/log/ chmod 0750 /var/log/ find /etc/ -exec chown root: "{}" + find /etc/ -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" + # Optional rootwrap.d configuration files. - find /etc//rootwrap.d -exec chmod root:root "{}" + + find /etc//rootwrap.d -exec chown root:root "{}" + find /etc//rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec chmod 0755 "{}" + chown : /var/lib/ chmod 0750 /var/lib/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1859422] Re: security: default ownership and permissions
Latest version of CIS benchmark allows /usr/sbin/nologin or /bin/false for system user account shell configuration so dropping this requirement in this bug. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1859422 Title: security: default ownership and permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs