From 91b40ce72f659f7e7c91a30984f39184f7cc0f69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Dubois?= Date: Tue, 13 Dec 2022 19:37:54 +0100 Subject: [PATCH] openvpn: Fix mode of shellpki script --- CHANGELOG.md | 1 + openvpn/tasks/debian.yml | 2 +- openvpn/tasks/openbsd.yml | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 72f793e6..1ca523a4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -55,6 +55,7 @@ The **patch** part changes is incremented if multiple releases happen the same m * varnish: fix missing state, that blocked the task * proftpd: Fix format of public key files controlled by ansible * proftpd: Fix mode of public key directory and files (they have to be accessible by proftpd:nobody) +* openvpn: Fix mode of shellpki script ### Removed diff --git a/openvpn/tasks/debian.yml b/openvpn/tasks/debian.yml index 463df8e9..b0201f0c 100644 --- a/openvpn/tasks/debian.yml +++ b/openvpn/tasks/debian.yml @@ -48,7 +48,7 @@ group: "{{ item.group }}" with_items: - { source: "openssl.cnf", destination: "/etc/shellpki/openssl.cnf", mode: "0640", owner: "shellpki", group: "shellpki" } - - { source: "shellpki", destination: "/usr/local/sbin/shellpki", mode: "0755", owner: "root", group: "root" } + - { source: "shellpki", destination: "/usr/local/sbin/shellpki", mode: "0750", owner: "root", group: "root" } - name: Add sudo rights lineinfile: diff --git a/openvpn/tasks/openbsd.yml b/openvpn/tasks/openbsd.yml index a594e12d..b0e629be 100644 --- a/openvpn/tasks/openbsd.yml +++ b/openvpn/tasks/openbsd.yml @@ -38,7 +38,7 @@ group: "{{ item.group }}" with_items: - { source: "openssl.cnf", destination: "/etc/shellpki/openssl.cnf", mode: "0640", owner: "_shellpki", group: "_shellpki" } - - { source: "shellpki", destination: "/usr/local/sbin/shellpki", mode: "0755", owner: "root", group: "wheel" } + - { source: "shellpki", destination: "/usr/local/sbin/shellpki", mode: "0750", owner: "root", group: "wheel" } - name: Add sudo rights lineinfile: