Skip to content

Use more permissive umask for .service units (LP: #2072486)#516

Merged
slyon merged 3 commits intocanonical:mainfrom
slyon:world-inaccessible_lp2072486_fr-8238
Sep 12, 2024
Merged

Use more permissive umask for .service units (LP: #2072486)#516
slyon merged 3 commits intocanonical:mainfrom
slyon:world-inaccessible_lp2072486_fr-8238

Conversation

@slyon
Copy link
Contributor

@slyon slyon commented Sep 10, 2024
edited
Loading

Description

networkd:openvswitch:sriov: Permissive umask for .service units (LP#2072486)

Writing world-inaccessible config files doesn't help when the data can still be accessed by any local user through the systemd APIs, e.g.: systemctl show UNIT_NAME.service

Using 640 permission on such .service unit files provides a false illusion of security and leads to systemd warnings in the journal, like this:
systemd[1]: Configuration file /run/systemd/system/netplan-ovs-cleanup.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.

Also:

  • Update tests according
  • Update doc/tread model accordingly

FR-8238

Checklist

  • Runs make check successfully.
  • Retains code coverage (make check-coverage).
  • New/changed keys in YAML format are documented.
  • (Optional) Adds example YAML for new feature.
  • (Optional) Closes an open bug in Launchpad. LP#2072486

@slyon
networkd:openvswitch:sriov: Permissive umask for .service units (LP: …
59c752e 
…#2072487)

Writing world-inaccessible config files doesn't help when the data can still be
accessed by any local user through the systemd APIs, e.g.:
"systemctl show UNIT_NAME.service"

Using 640 permission on such .service unit files provides a false illusion of
security and leads to systemd warnings in the journal, like this:
"systemd[1]: Configuration file /run/systemd/system/netplan-ovs-cleanup.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway."
@slyon
tests: Adopt for more permissive umask of .service units
c9074a5
@slyon
doc: Update thread model regarding .service unit permissions
3fdd2c3
@slyon slyon changed the title Use more ermissive umask for .service units (LP: #2072487) Use more permissive umask for .service units (LP: #2072487) Sep 10, 2024
@slyon slyon added the stable Might be merged in a stable branch label Sep 10, 2024
@slyon slyon requested a review from daniloegea September 10, 2024 11:01
@slyon slyon changed the title Use more permissive umask for .service units (LP: #2072487) Use more permissive umask for .service units (LP: #2072486) Sep 10, 2024
daniloegea
daniloegea approved these changes Sep 11, 2024
View reviewed changes
Copy link
Contributor

@daniloegea daniloegea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@slyon slyon merged commit 4a82c3b into canonical:main Sep 12, 2024
@slyon slyon added the documentation Documentation improvements. label Sep 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@daniloegea daniloegea daniloegea approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

documentation Documentation improvements. stable Might be merged in a stable branch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@slyon @daniloegea