Uploaded image for project: 'Couchbase Kubernetes'
  1. Couchbase Kubernetes
  2. K8S-2957

passphrase script needs public r+x permissions

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 2.4.0
    • None
    • operator
    • None
    • 9 - Krakend
    • 1

    Description

      tl;dc = mount as 0555 instead of 0550

      The Operator sets the script permissions for the tls passphrase script which is run by Couchbase Server.  The best practice is to use securityContext.runAsUser: 1000 which mounts the script as couchbase user.  But this isn't required and when omitted the script is mounted as root and unable to run.  So we need to give public users read & execute, and this is fine as nothing sensitive is in this script.

      Attachments

        Activity

          People

            tommie Tommie McAfee (Inactive)
            tommie Tommie McAfee (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              PagerDuty