From a6562097a4d0f35c22c4f0f949012dee918bf510 Mon Sep 17 00:00:00 2001

From: Thomas Haller <thaller@redhat.com>

Date: Tue, 14 May 2019 13:55:41 +0200

Subject: [PATCH 1/1] core: fix file permissions for

 "/var/lib/NetworkManager/secret_key"

Ooherwise, the file has wrong permissions:

  # ls -la /var/lib/NetworkManager/secret_key

  ----r-xr-x. 1 root root 50 May 14 13:52 /var/lib/NetworkManager/secret_key

Luckily, /var/lib/NetworkManager should be already

  # ls -lad /var/lib/NetworkManager

  drwx------. 2 root root 8192 May 14 13:57 /var/lib/NetworkManager

which mitigates this a bit.

Fixes: dbcb1d6d97c6 ('core: let nm_utils_secret_key_read() handle failures internally')

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/175

(cherry picked from commit dc3a2f9bc4c35030bcaf9e81953daf7894ab62b6)

(cherry picked from commit 2d46247c6ac6f89a0b8bac86d684431c07dc6c8e)

---

 src/nm-core-utils.c | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c

index b0cc914e7..fd1628027 100644

--- a/src/nm-core-utils.c

+++ b/src/nm-core-utils.c

@@ -2697,7 +2697,7 @@ _host_id_read (guint8 **out_host_id,

 		} else if (!nm_utils_file_set_contents (SECRET_KEY_FILE,

 		                                        (const char *) new_content,

 		                                        len,

-		                                        0077,

+		                                        0600,

 		                                        &error)) {

 			nm_log_warn (LOGD_CORE, "secret-key: failure to persist secret key in \"%s\" (%s) (use non-persistent key)",

 			             SECRET_KEY_FILE, error->message);

-- 

2.21.0