Skip to content
Snippets Groups Projects
Commit ed981cfd authored by Mihai Patrascoiu's avatar Mihai Patrascoiu
Browse files

Set up proper keytab permissions

parent cccd839b
No related branches found
No related tags found
No related merge requests found
......@@ -65,8 +65,11 @@ RUN yum install -y --nogpg install xrootd-client
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud
# Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
......
......@@ -46,7 +46,10 @@ RUN createrepo ${EOSREPODIR}; \
# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -50,8 +50,11 @@ RUN createrepo ${EOSREPODIR}; \
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud
# Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
# Change owner of /var/spool/xrootd directory to daemon
RUN chown daemon:daemon /var/spool/xrootd
......
......@@ -66,7 +66,10 @@ RUN mkdir -p /root/rpmbuild/BUILD/; \
# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -49,6 +49,6 @@ RUN apt-get install -y eos-client eos-fuse eos-fusex eos-test eos-testkeytab
# Change persmissions for keytab
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 600 /etc/eos.keytab
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -49,6 +49,6 @@ RUN apt-get install -y eos-client eos-fuse eos-fusex eos-test eos-testkeytab
# Change persmissions for keytab
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 600 /etc/eos.keytab
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
......@@ -51,7 +51,10 @@ RUN createrepo ${EOSREPODIR}; \
# Generate a new forwardable keytab 'eos-test+' to replace the not-forwardable one (installed by the eos-testkeytab package).
# This is useful to deploy EOS on Kubernetes clusters running on CERN's Cloud Infrastructure; you can remove these lines if you don't need one.
RUN yes | xrdsssadmin -k eos-test del /etc/eos.keytab; \
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab; \
chown daemon:daemon /etc/eos.keytab
yes | xrdsssadmin -u daemon -g daemon -k eos-test+ -n 1234567890123456789 add /etc/eos.keytab
# Setup keytab permissions
RUN chown daemon:daemon /etc/eos.keytab; \
chmod 400 /etc/eos.keytab
ENTRYPOINT ["/bin/bash"]
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment