PR#4896: Make sure authorized_keys file has mode 600. - pagure - Pagure.io

pagure

#4896 Make sure authorized_keys file has mode 600.

Merged 3 years ago by pingou. Opened 3 years ago by sergiodj.

sergiodj/pagure authorized-keys-chmod into master

Make sure authorized_keys file has mode 600.

Sergio Durigan Junior • 3 years ago

2691e9d

pagure/lib/tasks.py

file modified

+2

		`@@ -1270,6 +1270,7 @@`
		`sshkey.strip(),`
		`)`
		`)`
		`+ os.chmod(fullpath, 0o600)`


		`@conn.task(queue=pagure_config.get("AUTHORIZED_KEYS_QUEUE", None), bind=True)`
		`@@ -1294,3 +1295,4 @@`

		`with open(fullpath, "w") as stream:`
		`stream.write("\n".join(output))`
		`+ os.chmod(fullpath, 0o600)`

sergiodj commented 3 years ago

Only the pagure user needs to be able to read and write the file.

ngompa commented 3 years ago

:thumbsup:

pretty please pagure-ci rebuild

3 years ago

pingou commented 3 years ago

Thanks! :)

Pull-Request has been merged by pingou

3 years ago

Metadata

Assignee

None

Tags

No Tags

Flags

Build #3492 successful (commit: 2691e9d4)

Build #3491 failed (commit: 2691e9d4)

Changes Summary 1

file changed

pagure/lib/tasks.py

Powered by Pagure 5.13.3

Documentation • File an Issue • About • SSH Hostkey/Fingerprint

© Red Hat, Inc. and others.