keyfile = os.path.join(keydir, s+'.key')
relkeyfile = os.path.join(relkeydir, s+'.key')
if (not os.path.exists(keyfile)):
- subprocess.check_call('umask 0027 && openssl genrsa -out %s 1024 && chgrp onionbalance %s'%(keyfile, keyfile), shell=True)
+ subprocess.check_call('umask 0027 && openssl genrsa -out %s 1024 && chgrp onionbalance %s && chmod 0640 %s'%(keyfile, keyfile, keyfile), shell=True)
service = {
'key': relkeyfile,