client/nix_netrc: Set permission to 0600 on creation and write
This commit is contained in:
parent
384e7aa92d
commit
70ed477208
|
@ -8,12 +8,18 @@
|
||||||
|
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
use std::fmt;
|
use std::fmt;
|
||||||
|
use std::fs::Permissions;
|
||||||
|
use std::os::unix::fs::PermissionsExt;
|
||||||
use std::path::{Path, PathBuf};
|
use std::path::{Path, PathBuf};
|
||||||
|
|
||||||
use anyhow::{anyhow, Result};
|
use anyhow::{anyhow, Result};
|
||||||
use tokio::fs;
|
use tokio::fs::{self, OpenOptions};
|
||||||
|
use tokio::io::AsyncWriteExt;
|
||||||
use xdg::BaseDirectories;
|
use xdg::BaseDirectories;
|
||||||
|
|
||||||
|
/// The permission the configuration file should have.
|
||||||
|
const FILE_MODE: u32 = 0o600;
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub struct NixNetrc {
|
pub struct NixNetrc {
|
||||||
/// Path to write the modified netrc back to.
|
/// Path to write the modified netrc back to.
|
||||||
|
@ -64,7 +70,21 @@ impl NixNetrc {
|
||||||
if let Some(path) = &self.path {
|
if let Some(path) = &self.path {
|
||||||
let mut content = String::new();
|
let mut content = String::new();
|
||||||
serialize_machines(&mut content, &self.machines)?;
|
serialize_machines(&mut content, &self.machines)?;
|
||||||
fs::write(path, content).await?;
|
|
||||||
|
// This isn't atomic, so some other process might chmod it
|
||||||
|
// to something else before we write. We don't handle this case.
|
||||||
|
if path.exists() {
|
||||||
|
let permissions = Permissions::from_mode(FILE_MODE);
|
||||||
|
fs::set_permissions(path, permissions).await?;
|
||||||
|
}
|
||||||
|
|
||||||
|
let mut file = OpenOptions::new()
|
||||||
|
.create(true)
|
||||||
|
.write(true)
|
||||||
|
.mode(FILE_MODE)
|
||||||
|
.open(path).await?;
|
||||||
|
|
||||||
|
file.write_all(content.as_bytes()).await?;
|
||||||
Ok(())
|
Ok(())
|
||||||
} else {
|
} else {
|
||||||
Err(anyhow!("Don't know how to save the netrc"))
|
Err(anyhow!("Don't know how to save the netrc"))
|
||||||
|
|
Loading…
Reference in a new issue