Commit 18914507 authored by Fabio Luchetti's avatar Fabio Luchetti
Browse files

Still need to chmod 400 the sss keys

parent 2518ad63
Pipeline #2633508 skipped with stage
......@@ -82,4 +82,7 @@ RUN yum install -y --nogpg install xrootd-client
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -46,5 +46,7 @@ RUN yum -y --nogpg update \
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -70,4 +70,7 @@ RUN createrepo ${EOSREPODIR} \
RUN if [ "${EOS_CODENAME}" != "diopside" ]; then yum -y --nogpg install quarkdb; else yum -y --nogpg install eos-quarkdb; fi
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -94,4 +94,7 @@ RUN chown daemon:daemon /var/spool/xrootd
# The system tests have a strong bias towards nobody having uid=99 guid=99
RUN usermod -u 99 nobody && groupmod -g 99 nobody
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -79,4 +79,7 @@ RUN echo -e "export EOS_COVERAGE_REPORT=1" >> /etc/sysconfig/eos
RUN mkdir -p /root/rpmbuild/BUILD/ \
&& cp -r --preserve /usr/src/debug/eos-* /root/rpmbuild/BUILD/
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -96,4 +96,7 @@ RUN chown daemon:daemon /var/spool/xrootd
# The system tests have a strong bias towards nobody having uid=99 guid=99
RUN usermod -u 99 nobody && groupmod -g 99 nobody
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -86,4 +86,7 @@ RUN yum install -y --nogpg install xrootd-client-4.11.3
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -72,6 +72,9 @@ RUN apt-get clean \
&& apt-get update \
&& apt-get install -y eos-client eos-fuse eos-fusex eos-test eos-testkeytab
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.client.keytab
ENV DEBIAN_FRONTEND default
ENTRYPOINT ["/bin/bash"]
......@@ -78,6 +78,9 @@ RUN apt-get clean \
&& apt-get update \
&& apt-get install -y eos-client eos-fuse eos-fusex eos-test eos-testkeytab
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.client.keytab
ENV DEBIAN_FRONTEND default
ENTRYPOINT ["/bin/bash"]
......@@ -62,4 +62,7 @@ RUN createrepo ${EOSREPODIR} \
eos-archive eos-client eos-fuse eos-fusex eos-ns-inspect eos-server eos-test eos-testkeytab \
&& yum clean all
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -34,11 +34,8 @@ RUN sed -i "s|/usr/bin/xrdcp|/opt/eos/xrootd/bin/xrdcp|g" /etc/xrd.cf.fst
# Install some much needed utility: please bloat with care!
RUN yum -y --nogpg install nano redis && yum clean all && rm -rf /var/cache/yum
# Swap and use the forwardable keytab (installed by the eos-testkeytab package).
# This is useful for clients who reside on a private network and tunnel through a
# Network Address Translation (NAT) device. You can remove these lines if you don't need them.
RUN mv -f /etc/eos.keytab.fw /etc/eos.keytab \
&& chmod 400 /etc/eos.keytab
# sss keytabs needs to be 400
RUN chmod 400 /etc/eos.keytab /etc/eos.client.keytab
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment