Merge pull request #1913 from Chris-Peterson444/netplan-comment
update rationale for netplan config permissions
This commit is contained in:
Chris Peterson
GitHub
commit
477fef9590
|
|
@ -38,11 +38,12 @@ class NetworkModel(CoreNetworkModel):
|
||||||
|
|
||||||
def render(self):
|
def render(self):
|
||||||
netplan = self.render_config()
|
netplan = self.render_config()
|
||||||
# We write wifi config -- which almost certainly contains secrets -- to
|
# We write the wifi config -- which almost certainly contains secrets --
|
||||||
# a separate file with more restrictive permissions. This isn't a
|
# to a separate file since it's possible the default file may
|
||||||
# perfect solution because in principle there could be wired 802.1x
|
# be shared (e.g., via apport for a bug report) and we don't want to
|
||||||
# stuff that has secrets too but the subiquity UI does not support any
|
# leak them. This isn't a perfect solution because in principle there
|
||||||
# of that yet so this will do for now.
|
# could be wired 802.1x stuff that has secrets too, but the subiquity
|
||||||
|
# UI does not support any of that yet so this will do for now.
|
||||||
|
|
||||||
# If host cloud-init version has no readable combined-cloud-config,
|
# If host cloud-init version has no readable combined-cloud-config,
|
||||||
# default to False.
|
# default to False.
|
||||||
|
|
@ -63,7 +64,6 @@ class NetworkModel(CoreNetworkModel):
|
||||||
}
|
}
|
||||||
else:
|
else:
|
||||||
# Separate sensitive wifi config from potentially shared config
|
# Separate sensitive wifi config from potentially shared config
|
||||||
# e.g. via apport
|
|
||||||
wifis = netplan["network"].pop("wifis", None)
|
wifis = netplan["network"].pop("wifis", None)
|
||||||
r = {
|
r = {
|
||||||
"write_files": {
|
"write_files": {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue