src/server/worker_task.rs: carefully handle file permissions

2019-04-06 17:53:12 +02:00
parent 1619a72063
commit 35950380a9
4 changed files with 53 additions and 14 deletions
--- a/src/auth_helpers.rs
+++ b/src/auth_helpers.rs
@ -94,12 +94,12 @@ pub fn generate_csrf_key() -> Result<(), Error> {

    use nix::sys::stat::Mode;

-    tools::file_set_contents(
-        &path, &pem, Some(Mode::from_bits_truncate(0o0640)))?;
-
    let (_, backup_gid) = tools::getpwnam_ugid("backup")?;
+    let uid = Some(nix::unistd::ROOT);
+    let gid = Some(nix::unistd::Gid::from_raw(backup_gid));

-    nix::unistd::chown(&path, Some(nix::unistd::ROOT), Some(nix::unistd::Gid::from_raw(backup_gid)))?;
+    tools::file_set_contents_full(
+        &path, &pem, Some(Mode::from_bits_truncate(0o0640)), uid, gid)?;

    Ok(())
 }