Etcd Charm

etcd charm causes non DISA-STIG compliance

Bug #1996924 reported by Jeff Hillman on 2022-11-17

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Etcd Charm	New	Undecided	Unassigned

Bug Description

ubuntu 20.04.5
juju 2.9.37
charm latest/stable rev CH:718
ETCD 3.4.5

When running `sudo usg fix disa_stig` against an ubuntu 20.04.5 machine, it becomes DISA-STIG compliant.

running `juju add-machine <user>@<ip>` and then `juju deploy etcd --to 0` causes DISA-STIG to no longer be compliant

Specifically, running a diff against the compliant results `sudo usg audit disa_stig` and then against the newly deployed etcd charm causes the following diff:

```
- <rule-result idref="file_permissions_binary_dirs" time="2022-11-17T16:00:23" severity="medium" weight="1.000000">
- <result>pass</result>
+ <rule-result idref="file_permissions_binary_dirs" time="2022-11-17T16:45:15" severity="medium" weight="1.000000">
+ <result>fail</result>

```

etcd charm is breaking the file_permissions_binary_dirs DISA-STIG compliance.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.