ceph-docker-common: apply 0600 to key permissions

Keys should only be readable and writable by their respective owners and that's all.

Closes: https://github.com/ceph/ceph-ansible/issues/1760
Signed-off-by: Sébastien Han <seb@redhat.com>

diff --git a/roles/ceph-docker-common/tasks/fetch_configs.yml b/roles/ceph-docker-common/tasks/fetch_configs.yml
index 805a81799b13775f246ba944e89e5e95c03d9ebd..03fa62ed05e7e189eec7d7dd6844d874461888d4 100644 (file)
--- a/roles/ceph-docker-common/tasks/fetch_configs.yml
+++ b/roles/ceph-docker-common/tasks/fetch_configs.yml
@@ -47,7 +47,7 @@
     dest: "{{ item.0 }}"
     owner: root
     group: root
-    mode: 0644
+    mode: 0600
   changed_when: false
   with_together:
     - "{{ ceph_config_keys }}"