Set correct permissions of redis_webui.conf files
redis_webui.conf (potentially contains password)
and is world readable. To fix this security issue
we need to set correct permissions of this files.
Change-Id: I75f5f9f8bf6ab3841993c1c324a0e48c12a89fd5
Relate-Prod: PROD-25320 (PROD:25320)
diff --git a/opencontrail/web.sls b/opencontrail/web.sls
index 376ae1c..4b65d35 100644
--- a/opencontrail/web.sls
+++ b/opencontrail/web.sls
@@ -27,6 +27,11 @@
- source: salt://opencontrail/files/{{ web.version }}/redis_webui.conf
- template: jinja
- makedirs: True
+ - mode: 640
+{%- if web.version < 4.0 %}
+ - user: redis
+ - group: redis
+{%- endif %}
{%- if not web.get('config_only', False) %}