The access mode and ownership of auth_openidc.conf

Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default

mod_auth_openidc.spec

@@ -15,7 +15,7 @@
 
 Name:		mod_auth_openidc
 Version:	2.4.9.4
-Release:	3%{?dist}
+Release:	4%{?dist}
 Summary:	OpenID Connect auth module for Apache HTTP Server
 
 License:	ASL 2.0
@@ -90,12 +90,15 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/cache
 %doc README.md
 %{_httpd_moddir}/mod_auth_openidc.so
 %config(noreplace) %{_httpd_modconfdir}/10-auth_openidc.conf
-%config(noreplace) %{_httpd_confdir}/auth_openidc.conf
+%config(noreplace) %attr(0640, root, apache) %{_httpd_confdir}/auth_openidc.conf
 %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}
 %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/metadata
 %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/cache
 
 %changelog
+* Mon Apr 24 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-4
+  Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default
+
 * Tue Apr 11 2023  Tomas Halman <thalman@redhat.com> - 2.4.9.4-3
 - Resolves: rhbz#2184145 - CVE-2023-28625 NULL pointer dereference
   when OIDCStripCookies is set and a crafted Cookie header is supplied