Ask Your Question
0

Why does /etc/puppet/ssl need to be world-executable?

asked 2013-09-22 05:51:07 -0500

Joseph Carlos gravatar image

updated 2013-09-22 09:34:28 -0500

I noticed that the SSL directory /etc/puppet/ssl insists on having mode 771. Why does this directory need to be executable by everyone?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2013-09-23 14:11:49 -0500

GregLarkin gravatar image

When running Puppet under Passenger, that directory must be chmod o+x so the process UID can access files/directories in /etc/puppet/ssl. However, the directory is chmod o-rw so the process UID cannot list the contents of the directory, nor change them.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2013-09-22 05:51:07 -0500

Seen: 46 times

Last updated: Sep 23 '13