On further inspection, these PEM files are being copied to the nodes from the MASTER node when they are provisioned.
The PEM files aren't owned by any package - I'll assume that they are created during the installation of xCAT. Is it safe to lock these files down to mode 0600? /install/postscripts/_xcat/ca.pem /install/postscripts/ca/ca-cert.pem -Russ On Thu, 2017-04-27 at 10:23 -0400, Russell Auld wrote: > I just noticed that there are two world-readable pem files in > /xcatpost after a diskfull image of a node. > Shouldn't those files be restricted or deleted? > > ------------------------------------------------------------------- > ----------- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > xCAT-user mailing list > xCAT-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xcat-user > ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
