[pmg-devel] [PATCH pmg-rs] account: create account files with 0600 permissions

all lists on lists.proxmox.com
 help / color / mirror / Atom feed

* [pmg-devel] [PATCH pmg-rs] account: create account files with 0600 permissions
@ 2021-03-29 11:18 Stoiko Ivanov
  2021-03-29 12:00 ` [pmg-devel] applied: " Wolfgang Bumiller
  0 siblings, 1 reply; 2+ messages in thread
From: Stoiko Ivanov @ 2021-03-29 11:18 UTC (permalink / raw)
  To: pmg-devel

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
quickly tested on my setup - files get created correctly

 src/acme.rs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/acme.rs b/src/acme.rs
index ef6f4e7..4c8e5df 100644
--- a/src/acme.rs
+++ b/src/acme.rs
@@ -3,6 +3,8 @@
 //! The functions in here are perl bindings.
 
 use std::io::{self, Write};
+use std::fs::OpenOptions;
+use std::os::unix::fs::OpenOptionsExt;
 
 use anyhow::{format_err, Error};
 use serde::{Deserialize, Serialize};
@@ -85,7 +87,9 @@ impl Inner {
         };
 
         let _account = self.client.new_account(contact, tos_agreed, rsa_bits)?;
-        let file = std::fs::File::create(&account_path)
+        let mut options = OpenOptions::new();
+        options.write(true).create(true).mode(0o600);
+        let file = options.open(&account_path)
             .map_err(|err| format_err!("failed to open {:?} for writing: {}", account_path, err))?;
         self.write_to(file).map_err(|err| {
             format_err!(
@@ -137,7 +141,9 @@ impl Inner {
 
         let tmp_path = format!("{}.tmp", account_path);
         // FIXME: move proxmox::tools::replace_file & make_temp out into a nice *little* crate...
-        let mut file = std::fs::File::create(&tmp_path)
+        let mut options = OpenOptions::new();
+        options.write(true).create(true).mode(0o600);
+        let mut file = options.open(&tmp_path)
             .map_err(|err| format_err!("failed to open {:?} for writing: {}", tmp_path, err))?;
         self.write_to(&mut file).map_err(|err| {
             format_err!("failed to write acme account to {:?}: {}", tmp_path, err)
-- 
2.20.1





^ permalink raw reply	[flat|nested] 2+ messages in thread

* [pmg-devel] applied: [PATCH pmg-rs] account: create account files with 0600 permissions
  2021-03-29 11:18 [pmg-devel] [PATCH pmg-rs] account: create account files with 0600 permissions Stoiko Ivanov
@ 2021-03-29 12:00 ` Wolfgang Bumiller
  0 siblings, 0 replies; 2+ messages in thread
From: Wolfgang Bumiller @ 2021-03-29 12:00 UTC (permalink / raw)
  To: Stoiko Ivanov; +Cc: pmg-devel

applied, thanks

On Mon, Mar 29, 2021 at 01:18:37PM +0200, Stoiko Ivanov wrote:
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
> quickly tested on my setup - files get created correctly
> 
>  src/acme.rs | 10 ++++++++--
>  1 file changed, 8 insertions(+), 2 deletions(-)
> 
> diff --git a/src/acme.rs b/src/acme.rs
> index ef6f4e7..4c8e5df 100644
> --- a/src/acme.rs
> +++ b/src/acme.rs
> @@ -3,6 +3,8 @@
>  //! The functions in here are perl bindings.
>  
>  use std::io::{self, Write};
> +use std::fs::OpenOptions;
> +use std::os::unix::fs::OpenOptionsExt;
>  
>  use anyhow::{format_err, Error};
>  use serde::{Deserialize, Serialize};
> @@ -85,7 +87,9 @@ impl Inner {
>          };
>  
>          let _account = self.client.new_account(contact, tos_agreed, rsa_bits)?;
> -        let file = std::fs::File::create(&account_path)
> +        let mut options = OpenOptions::new();
> +        options.write(true).create(true).mode(0o600);
> +        let file = options.open(&account_path)
>              .map_err(|err| format_err!("failed to open {:?} for writing: {}", account_path, err))?;
>          self.write_to(file).map_err(|err| {
>              format_err!(
> @@ -137,7 +141,9 @@ impl Inner {
>  
>          let tmp_path = format!("{}.tmp", account_path);
>          // FIXME: move proxmox::tools::replace_file & make_temp out into a nice *little* crate...
> -        let mut file = std::fs::File::create(&tmp_path)
> +        let mut options = OpenOptions::new();
> +        options.write(true).create(true).mode(0o600);
> +        let mut file = options.open(&tmp_path)
>              .map_err(|err| format_err!("failed to open {:?} for writing: {}", tmp_path, err))?;
>          self.write_to(&mut file).map_err(|err| {
>              format_err!("failed to write acme account to {:?}: {}", tmp_path, err)
> -- 
> 2.20.1




^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-03-29 12:01 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-29 11:18 [pmg-devel] [PATCH pmg-rs] account: create account files with 0600 permissions Stoiko Ivanov
2021-03-29 12:00 ` [pmg-devel] applied: " Wolfgang Bumiller

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.

Service provided by Proxmox Server Solutions GmbH | Privacy | Legal