Hi all- This morning, Patrick and Pierre noticed that the fedmsg keys deployed by ansible were being set on their systems as world readable (o+r).
Those keys have been revoked, regenerated, and redeployed with the correct mode
as of 15:00 UTC.
The following keys were affected:
bodhi-releng01.phx2.fedoraproject.org.key
bodhi-releng02.phx2.fedoraproject.org.key
copr-copr-be.cloud.fedoraproject.org.key
fedbadges-badges-backend01.phx2.fedoraproject.org.key
fedbadges-badges-backend01.stg.phx2.fedoraproject.org.key
nuancier-nuancier01.phx2.fedoraproject.org.key
nuancier-nuancier01.stg.phx2.fedoraproject.org.key
nuancier-nuancier02.phx2.fedoraproject.org.key
nuancier-nuancier02.stg.phx2.fedoraproject.org.key
shell-badges-backend01.phx2.fedoraproject.org.key
shell-badges-backend01.stg.phx2.fedoraproject.org.key
shell-badges-web01.phx2.fedoraproject.org.key
shell-badges-web01.stg.phx2.fedoraproject.org.key
shell-badges-web02.phx2.fedoraproject.org.key
shell-copr-be.cloud.fedoraproject.org.key
shell-nuancier01.phx2.fedoraproject.org.key
shell-nuancier01.stg.phx2.fedoraproject.org.key
shell-nuancier02.phx2.fedoraproject.org.key
shell-nuancier02.stg.phx2.fedoraproject.org.key
tahrir-badges-web01.phx2.fedoraproject.org.key
tahrir-badges-web01.stg.phx2.fedoraproject.org.key
tahrir-badges-web02.phx2.fedoraproject.org.key
The majority of our other keys deployed by puppet were not affected.
-Ralph
pgp3tDBQCsqsr.pgp
Description: PGP signature
_______________________________________________ infrastructure mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/infrastructure
