Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / b265455a2518ece7c004b43c144199ec980fc620
commitb265455a2518ece7c004b43c144199ec980fc620[log] [tgz]
authorVernon Mauery <vernon.mauery@linux.intel.com>Fri Apr 03 14:28:53 2020 -0700
committerVernon Mauery <vernon.mauery@linux.intel.com>Wed Apr 08 16:58:55 2020 -0700
tree609cdc4e99ae44811cdd73a83e9b776097e13488
parent0e2dbee2d19ee6865d6e95b07398943b8f536336 [diff]
Use more restrictive permissions on /etc/ipmi-pass

This forces the permissions on /etc/ipmi-pass to be 0600 or RW only by
owner. This is to prevent non-owners from reading the file, even though
it is obfuscated to make it harder for ipmi passwords to leak.

Tested: change ipmi passwords and see that the /etc/ipmi-pass file has
        0600 permissions.

Change-Id: I4be0b8a65f98ced031493f7767879eb054e1ee84
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
1 file changed
tree: 609cdc4e99ae44811cdd73a83e9b776097e13488
  1. app/
  2. docs/
  3. include/
  4. libipmid/
  5. libipmid-host/
  6. scripts/
  7. softoff/
  8. test/
  9. user_channel/
  10. xyz/
  11. .build.sh
  12. .clang-format
  13. .gitignore
  14. .travis.yml
  15. apphandler.cpp
  16. apphandler.hpp
  17. bootstrap.sh
  18. chassishandler.cpp
  19. chassishandler.hpp
  20. configure.ac
  21. dcmihandler.cpp
  22. dcmihandler.hpp
  23. elog-errors.hpp
  24. entity_map_json.cpp
  25. entity_map_json.hpp
  26. error-HostEvent.hpp
  27. fruread.hpp
  28. generate_whitelist.sh
  29. globalhandler.cpp
  30. globalhandler.hpp
  31. groupext.cpp
  32. host-cmd-manager.cpp
  33. host-cmd-manager.hpp
  34. host-interface.cpp
  35. host-interface.hpp
  36. host-ipmid-whitelist.conf
  37. ipmi_fru_info_area.cpp
  38. ipmi_fru_info_area.hpp
  39. ipmid-new.cpp
  40. ipmisensor.cpp
  41. ipmiwhitelist.hpp
  42. LICENSE
  43. MAINTAINERS
  44. Makefile.am
  45. read_fru_data.cpp
  46. read_fru_data.hpp
  47. README.md
  48. sample.cpp
  49. sample.h
  50. selutility.cpp
  51. selutility.hpp
  52. sensordatahandler.cpp
  53. sensordatahandler.hpp
  54. sensorhandler.cpp
  55. sensorhandler.hpp
  56. settings.cpp
  57. settings.hpp
  58. storageaddsel.cpp
  59. storageaddsel.hpp
  60. storagehandler.cpp
  61. storagehandler.hpp
  62. sys_info_param.cpp
  63. sys_info_param.hpp
  64. systemintfcmds.cpp
  65. systemintfcmds.hpp
  66. testaddsel.cpp
  67. testit.cpp
  68. transporthandler.cpp
  69. whitelist-filter.cpp
README.md

To build this package, do the following steps:

1. ./bootstrap.sh
2. ./configure ${CONFIGURE_FLAGS}
3. make

To clean the repository run ./bootstrap.sh clean.