Change galera bootstrap scripts files permissions
During Galera bootstrap stage the following help scripts are created:
/usr/local/sbin/galera_init.sh
/usr/local/sbin/galera_bootstrap.sh
Both contain mysql root password in a plain text.
Set file permissions to 750
Change-Id: Ie0d5fa7f81ef7ccbd6b9def7a4f2141c32dcc4ee
Relaited-prod: https://mirantis.jira.com/browse/PROD-15487
diff --git a/galera/master.sls b/galera/master.sls
index ba04bfc..299eb4e 100644
--- a/galera/master.sls
+++ b/galera/master.sls
@@ -116,7 +116,7 @@
galera_init_script:
file.managed:
- name: /usr/local/sbin/galera_init.sh
- - mode: 755
+ - mode: 750
- source: salt://galera/files/init_bootstrap.sh
- defaults:
service: {{ master|yaml }}
@@ -126,7 +126,7 @@
galera_bootstrap_script:
file.managed:
- name: /usr/local/sbin/galera_bootstrap.sh
- - mode: 755
+ - mode: 750
- source: salt://galera/files/bootstrap.sh
- defaults:
service: {{ master|yaml }}
diff --git a/galera/slave.sls b/galera/slave.sls
index 0f50f84..c9da051 100644
--- a/galera/slave.sls
+++ b/galera/slave.sls
@@ -115,7 +115,7 @@
galera_init_script:
file.managed:
- name: /usr/local/sbin/galera_init.sh
- - mode: 755
+ - mode: 750
- source: salt://galera/files/init_bootstrap.sh
- defaults:
service: {{ slave|yaml }}
@@ -124,7 +124,7 @@
galera_bootstrap_script:
file.managed:
- name: /usr/local/sbin/galera_bootstrap.sh
- - mode: 755
+ - mode: 750
- defaults:
service: {{ slave|yaml }}
slave: True