diff --git a/CHANGELOG b/CHANGELOG index 8616368..f7f3469 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -30,6 +30,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - pf: reorder some rules, more details on some comments - update of tags for each tasks and ease the update of scripts - evocheck: execute evocheck without --cron the first of the month +- etc-git: chmod 600 for local periodic files (daily, weekly, monthly) ### Fixed diff --git a/roles/etc-git/tasks/utils.yml b/roles/etc-git/tasks/utils.yml index 1efb028..c3f7ef8 100644 --- a/roles/etc-git/tasks/utils.yml +++ b/roles/etc-git/tasks/utils.yml @@ -76,7 +76,7 @@ path: /etc/monthly.local line: "/usr/share/scripts/etc-git-optimize" owner: root - mode: "0644" + mode: "0600" create: true tags: - etc-git @@ -87,7 +87,7 @@ line: 'next_part "Monthly optimization:"' insertbefore: "/usr/share/scripts/etc-git-optimize" owner: root - mode: "0644" + mode: "0600" create: true tags: - etc-git @@ -97,7 +97,7 @@ path: /etc/hourly.local line: "who > /dev/null || /usr/share/scripts/etc-git-status" owner: root - mode: "0644" + mode: "0600" create: true state: "{{ etc_git_monitor_status | bool | ternary('present','absent') }}" tags: @@ -109,7 +109,7 @@ line: 'next_part "Hourly warning for unclean Git repository if nobody is connected:"' insertbefore: "who > /dev/null || /usr/share/scripts/etc-git-status" owner: root - mode: "0644" + mode: "0600" create: true state: "{{ etc_git_monitor_status | bool | ternary('present','absent') }}" tags: @@ -120,7 +120,7 @@ path: /etc/daily.local line: "/usr/share/scripts/etc-git-status" owner: root - mode: "0644" + mode: "0600" create: true state: "{{ etc_git_monitor_status | bool | ternary('present','absent') }}" tags: @@ -132,7 +132,7 @@ line: 'next_part "Daily warning for unclean Git repository:"' insertbefore: "/usr/share/scripts/etc-git-status" owner: root - mode: "0644" + mode: "0600" create: true state: "{{ etc_git_monitor_status | bool | ternary('present','absent') }}" tags: