Files created by ignition have the wrong permissions

Hi,

I am installing OKD on UPI vsphere infra, I am using static ips as DNS and an F5 load balancer is already set up so I am creating network config files with ignition.
Due to FCOS using Network Manager I am creating /etc/NetworkManager/system-connections/ifcfg-ens192 with explicit permissions set to 600
image
The files are created fine but although I am explicity stating permissions of 600 in the ignit file all of the files created are getting 130 (when 600 is set)…
This doesn’t matter for the other config files but for the network manager file it requires to only be readable by root or it won’t use it. If I change its permissions manually and fiddle around with nmcli I can get it working but this is no good as it’s meant to be IaaC, I have no idea why the permissions aren’t what I set them as in the ignition config and I’ve tried various syntax variations…
I can’t find why online so I guess it’s something simple I’ve overlooked as otherwise I’d imagine other people would of certainly had this problem!
Thanks,
Daniel

The mostly likely issue here is that for Ignition configs (or MCO configs), you need to use decimal values for the mode (see mode in the Ignition config spec documentation).

In this case, 600 (decimal) gives you 1130 (octal).
If you want 600 (octal), you need 384 (decimal).

2 Likes