generate authkey: public part needs to be readable by backup group

else the API proxy cannot use it and fails to run..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2019-12-17 09:53:21 +01:00
parent 9c18e93522
commit ba3eb88d95

View File

@ -128,7 +128,12 @@ pub fn generate_auth_key() -> Result<(), Error> {
let public_pem = rsa.public_key_to_pem()?;
file_set_contents(&public_path, &public_pem, None)?;
let (_, backup_gid) = crate::tools::getpwnam_ugid("backup")?;
let uid = Some(nix::unistd::ROOT);
let gid = Some(nix::unistd::Gid::from_raw(backup_gid));
file_set_contents_full(
&public_path, &public_pem, Some(Mode::from_bits_truncate(0o0640)), uid, gid)?;
Ok(())
}