Make sure that /root in overlay is owned by root
as well as that /root/.ssh and its content is only owned and readable by root. This is redundant if the previous permissions were properly applied and no other changes have been made by the user or something else, but is added for good measure as a layered defense.
This commit is contained in:
parent
ca353ed406
commit
75e566ab61
|
@ -14,10 +14,17 @@ if ! test -d "$MODEL_OVERLAY"; then
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
args=""
|
||||||
|
if [ "x$COSMOS_VERBOSE" = "xy" ]; then
|
||||||
|
args="-v"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -d "$MODEL_OVERLAY/root" ]; then
|
if [ -d "$MODEL_OVERLAY/root" ]; then
|
||||||
args=""
|
chown ${args} root:root "$MODEL_OVERLAY"/root
|
||||||
if [ "x$COSMOS_VERBOSE" = "xy" ]; then
|
|
||||||
args="-v"
|
|
||||||
fi
|
|
||||||
chmod ${args} 0700 "$MODEL_OVERLAY"/root
|
chmod ${args} 0700 "$MODEL_OVERLAY"/root
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -d "$MODEL_OVERLAY/root/.ssh" ]; then
|
||||||
|
chown ${args} -R root:root "$MODEL_OVERLAY"/root/.ssh
|
||||||
|
chmod ${args} 0700 "$MODEL_OVERLAY"/root/.ssh
|
||||||
|
fi
|
||||||
|
|
Loading…
Reference in a new issue