[Freeipa-devel] [freeipa PR#2057][opened] Ensure that public cert and CA bundle are readable

URL: https://github.com/freeipa/freeipa/pull/2057 Author: tiran Title: #2057: Ensure that public cert and CA bundle are readable Action: opened PR body: """ In CIS hardened mode, the process umask is 027. This results in some files not being world readable. Ensure that write_certificate_list() calls in client installer, server installer, and upgrader create cert bundles with permission bits 0644. Make CA bundles, certs, and cert directories world-accessible in upgrader. Fixes: pagure.io/freeipa/issue/7594 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2057/head:pr2057 git checkout pr2057