From 97496ef4b8151b8424854eac3a6eef57fb239af7 Mon Sep 17 00:00:00 2001 From: elkmaennchen Date: Sat, 9 Mar 2024 20:09:24 +0100 Subject: [PATCH] path security issue (getting root privileges) --- group_vars/router/prometheus.yml | 3 +++ roles/prometheus_node/tasks/main.yml | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 group_vars/router/prometheus.yml diff --git a/group_vars/router/prometheus.yml b/group_vars/router/prometheus.yml new file mode 100644 index 0000000..871c762 --- /dev/null +++ b/group_vars/router/prometheus.yml @@ -0,0 +1,3 @@ +--- +prometheus_keepalived__dest: /var/run/prometheus-node-exporter/keepalived.prom +... \ No newline at end of file diff --git a/roles/prometheus_node/tasks/main.yml b/roles/prometheus_node/tasks/main.yml index 04af608..33525ce 100644 --- a/roles/prometheus_node/tasks/main.yml +++ b/roles/prometheus_node/tasks/main.yml @@ -28,7 +28,7 @@ state: directory owner: root group: root - mode: u=rwx,g=rw,o=rw + mode: u=rwx,g=rx,o=rx - name: Override prometheus-node-exporter.service template: