TFTP: Proper /var/lib/tftpboot ownership and permissions

Support
,
1

Problem:
Installed Foreman 3.9.1
with foreman-installer, smart proxy is on the same host. The default settings for /var/lib/tftpboot lead to access denied error, gave ownership to foreman-proxy:root and changed mode recursively to 0777 and it started working, but I think these should be more restrictive. What’s the proper setup of /var/lib/tftpboot?

Expected outcome:
Have /var/lib/tftpboot configure out-of-the-box

Foreman and Proxy versions:

# rpm -qa | grep foreman
foreman-debug-3.9.1-1.el8.noarch
foreman-cli-3.9.1-1.el8.noarch
rubygem-hammer_cli_foreman_discovery-1.2.0-1.fm3_9.el8.noarch
rubygem-hammer_cli_foreman_templates-0.3.0-1.fm3_9.el8.noarch
foreman-3.9.1-1.el8.noarch
foreman-postgresql-3.9.1-1.el8.noarch
foreman-dynflow-sidekiq-3.9.1-1.el8.noarch
rubygem-hammer_cli_foreman-3.9.0-1.el8.noarch
foreman-libvirt-3.9.1-1.el8.noarch
foreman-openstack-3.9.1-1.el8.noarch
rubygem-hammer_cli_foreman_openscap-0.2.1-1.fm3_9.el8.noarch
rubygem-hammer_cli_foreman_tasks-0.0.20-1.fm3_9.el8.noarch
rubygem-foreman_discovery-23.0.0-1.fm3_10.el8.noarch
rubygem-foreman_puppet-6.1.1-1.fm3_10.el8.noarch
rubygem-foreman_fog_proxmox-0.15.0-1.fm3_9.el8.noarch
rubygem-foreman_templates-9.4.0-1.fm3_9.el8.noarch
foreman-selinux-3.9.1-1.el8.noarch
foreman-proxy-3.9.1-1.el8.noarch
rubygem-foreman_openscap-7.1.1-1.fm3_9.el8.noarch
rubygem-foreman-tasks-9.0.1-1.fm3_9.el8.noarch
foreman-service-3.9.1-1.el8.noarch
rubygem-hammer_cli_foreman_puppet-0.0.7-1.fm3_9.el8.noarch
rubygem-foreman_bootdisk-21.2.1-1.fm3_10.el8.noarch
rubygem-foreman_dhcp_browser-0.0.8-6.fm3_9.el8.noarch
foreman-installer-3.9.1-1.el8.noarch
rubygem-foreman_host_extra_validator-0.2.2-1.fm3_9.el8.noarch
foreman-release-3.9.1-1.el8.noarch

Foreman and Proxy plugin versions:

  • foreman-tasks 9.0.1
  • foreman_bootdisk 21.2.1
  • foreman_dhcp_browser 0.0.8
  • foreman_discovery 23.0.0
  • foreman_fog_proxmox 0.15.0
  • foreman_host_extra_validator 0.2.2
  • foreman_openscap 7.1.1
  • foreman_puppet 6.1.1
  • foreman_templates 9.4.0

Distribution and version:
AlmaLinux 8.9 (Midnight Oncilla)

Other relevant data:
/