Warn about config permissions before loading the defaults

Now, configs that don't contain passwords don't trigger the warning.

diff --git a/fdroidserver/common.py b/fdroidserver/common.py
index 75968635ba6ca8c428bb4695c17d618a1f727068..bf89b1d581da3013d41019e77b48dcb375325bf7 100644 (file)
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@@ -92,6 +92,11 @@ def read_config(opts, config_file='config.py'):
                                       'sun.security.pkcs11.SunPKCS11',
                                       '-providerArg', 'opensc-fdroid.cfg']
 
+    if any(k in config for k in ["keystore", "keystorepass", "keypass"]):
+        st = os.stat(config_file)
+        if st.st_mode & stat.S_IRWXG or st.st_mode & stat.S_IRWXO:
+            logging.warn("unsafe permissions on {0} (should be 0600)!".format(config_file))
+
     defconfig = get_default_config()
     for k, v in defconfig.items():
         if k not in config:
@@ -107,11 +112,6 @@ def read_config(opts, config_file='config.py'):
     if not test_sdk_exists(config):
         sys.exit(3)
 
-    if any(k in config for k in ["keystore", "keystorepass", "keypass"]):
-        st = os.stat(config_file)
-        if st.st_mode & stat.S_IRWXG or st.st_mode & stat.S_IRWXO:
-            logging.warn("unsafe permissions on {0} (should be 0600)!".format(config_file))
-
     for k in ["keystorepass", "keypass"]:
         if k in config:
             write_password_file(k)