Commit ed981cfd authored by Mihai Patrascoiu's avatar Mihai Patrascoiu
Browse files

Set up proper keytab permissions

parent cccd839b
......@@ -65,8 +65,11 @@ RUN yum install -y --nogpg install xrootd-client
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud
# Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
......
......@@ -46,7 +46,10 @@ RUN createrepo ${EOSREPODIR}; \
# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -50,8 +50,11 @@ RUN createrepo ${EOSREPODIR}; \
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud
# Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
......
......@@ -66,7 +66,10 @@ RUN mkdir -p /root/rpmbuild/BUILD/; \
# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -49,6 +49,6 @@ RUN apt-get install -y eos-client eos-fuse eos-fusex eos-test eos-testkeytab
# Change persmissions for keytab
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 600 /etc/eos.keytab
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -49,6 +49,6 @@ RUN apt-get install -y eos-client eos-fuse eos-fusex eos-test eos-testkeytab
# Change persmissions for keytab
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 600 /etc/eos.keytab
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -51,7 +51,10 @@ RUN createrepo ${EOSREPODIR}; \
# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment