commit 38f67ef70fdc77cf92d0f0fe4321a9d8caaa99e7
author Taras Khlivnyak <tkhlivnyak@mirantis.com> Wed Aug 18 13:37:17 2021 +0300
committer Taras Khlivnyak <tkhlivnyak@mirantis.com> Wed Aug 25 13:13:18 2021 +0300
tree 142a8878b448c7f3d01849c564a0491bd406db5a
parent a8987673a04b1fd491844be2cb2ea4af8418530f

 Fix file permissions.

Fixes-bug: PROD-36504
Change-Id: I02edb8108a748fe2e97a5aeddc1a931d824439ad

metadata/service/compute/ovn/single.yml

diff --git a/metadata/service/compute/ovn/single.yml b/metadata/service/compute/ovn/single.yml
index a1fb5bc..eb631b2 100644
--- a/metadata/service/compute/ovn/single.yml
+++ b/metadata/service/compute/ovn/single.yml
@@ -2,6 +2,7 @@
 - neutron
 classes:
 - service.neutron.support
+- service.neutron.file_permissions
 parameters:
   _param:
     ovn_external_bridge: br-floating

metadata/service/compute/single.yml

diff --git a/metadata/service/compute/single.yml b/metadata/service/compute/single.yml
index 075c9a5..1aa181b 100644
--- a/metadata/service/compute/single.yml
+++ b/metadata/service/compute/single.yml
@@ -2,6 +2,7 @@
 - neutron
 classes:
 - service.neutron.support
+- service.neutron.file_permissions
 parameters:
   _param:
     openstack_log_appender: false

metadata/service/control/cluster.yml

diff --git a/metadata/service/control/cluster.yml b/metadata/service/control/cluster.yml
index f95a0b7..4866cdf 100644
--- a/metadata/service/control/cluster.yml
+++ b/metadata/service/control/cluster.yml
@@ -2,6 +2,7 @@
 - neutron
 classes:
 - service.neutron.support
+- service.neutron.file_permissions
 parameters:
   _param:
     keystone_neutron_endpoint_type: internal

metadata/service/control/single.yml

diff --git a/metadata/service/control/single.yml b/metadata/service/control/single.yml
index 44917e3..ca3f783 100644
--- a/metadata/service/control/single.yml
+++ b/metadata/service/control/single.yml
@@ -2,6 +2,7 @@
 - neutron
 classes:
 - service.neutron.support
+- service.neutron.file_permissions
 parameters:
   _param:
     keystone_neutron_endpoint_type: internal

metadata/service/file_permissions.yml

diff --git a/metadata/service/file_permissions.yml b/metadata/service/file_permissions.yml
new file mode 100644
index 0000000..75bc0c5
--- /dev/null
+++ b/metadata/service/file_permissions.yml
@@ -0,0 +1,8 @@
+parameters:
+  neutron:
+    directories:
+      /etc/neutron:
+        mode: '0750'
+    files:
+      /etc/neutron/api-paste.ini:
+        mode: '0640'

metadata/service/gateway/single.yml

diff --git a/metadata/service/gateway/single.yml b/metadata/service/gateway/single.yml
index 5dfa8c4..97314f6 100644
--- a/metadata/service/gateway/single.yml
+++ b/metadata/service/gateway/single.yml
@@ -2,6 +2,7 @@
 - neutron
 classes:
 - service.neutron.support
+- service.neutron.file_permissions
 parameters:
   _param:
     openstack_log_appender: false