From abfdbf4d632fca7fc968b2075e9b0a0392ca5933 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 22 Nov 2018 18:24:16 +0000
Subject: [PATCH] Allow directory traversal

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/pagure/frontend/tasks/main.yml       | 2 +-
 roles/pagure/frontend/templates/pagure.cfg | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/pagure/frontend/tasks/main.yml b/roles/pagure/frontend/tasks/main.yml
index 1be533715a..dddcea605e 100644
--- a/roles/pagure/frontend/tasks/main.yml
+++ b/roles/pagure/frontend/tasks/main.yml
@@ -262,7 +262,7 @@
   - restart apache
 
 - name: Create the repoSpanner cert directory
-  file: path=/etc/pagure/repospanner state=directory mode=0640 owner=git group=git
+  file: path=/etc/pagure/repospanner state=directory mode=0750 owner=git group=git
   tags:
   - config
   - pagure
diff --git a/roles/pagure/frontend/templates/pagure.cfg b/roles/pagure/frontend/templates/pagure.cfg
index d4d40a6596..adb018ac89 100644
--- a/roles/pagure/frontend/templates/pagure.cfg
+++ b/roles/pagure/frontend/templates/pagure.cfg
@@ -326,7 +326,7 @@ SSH_COMMAND_REPOSPANNER = ([
     "--extra", "project_namespace", "%(project_namespace)s",
     "%(cmd)s",
     "'pagure/%(repotype)s/%(reponame)s'",
-], {"REPOBRIDGE_CONFIG": "/etc/repobridge/rpms.json"})
+], {"REPOBRIDGE_CONFIG": "/etc/pagure/repobridge_ansible.json"})
 SSH_COMMAND_NON_REPOSPANNER = ([
     "/usr/share/gitolite3/gitolite-shell",
     "%(username)s",