summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
bd04221)
Seems umask is no longer sufficient and they end up 0600.
keyfile = os.path.join(keydir, s+'.key')
relkeyfile = os.path.join(relkeydir, s+'.key')
if (not os.path.exists(keyfile)):
keyfile = os.path.join(keydir, s+'.key')
relkeyfile = os.path.join(relkeydir, s+'.key')
if (not os.path.exists(keyfile)):
- subprocess.check_call('umask 0027 && openssl genrsa -out %s 1024 && chgrp onionbalance %s'%(keyfile, keyfile), shell=True)
+ subprocess.check_call('umask 0027 && openssl genrsa -out %s 1024 && chgrp onionbalance %s && chmod 0640 %s'%(keyfile, keyfile, keyfile), shell=True)
service = {
'key': relkeyfile,
service = {
'key': relkeyfile,