chiark / gitweb /
~mdw / distorted-dkim / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ebea04c)
dkim-keys.in (generate_key): Set the permission bits explicitly.
authorMark Wooding <mdw@distorted.org.uk>
Sun, 5 May 2024 15:17:25 +0000 (16:17 +0100)
committerMark Wooding <mdw@distorted.org.uk>
Sun, 5 May 2024 15:17:25 +0000 (16:17 +0100)
OpenSSL denies group read permissions by default, so we have to allow
them by hand.  This means that the umask fiddling is redundant, but belt
and braces.

dkim-keys.in patch | blob | blame | history

diff --git a/dkim-keys.in b/dkim-keys.in
index ef38d4de37f62021e9badac1c4af9d5eadefbac7..cf07acca924be5951c7f78858cd5b01147f03094 100755 (executable)
--- a/dkim-keys.in
+++ b/dkim-keys.in
@@ -556,6 +556,7 @@ sub generate_key ($) {
   my $oldmask = umask 0037;
   print "generate new key\n";
   run "openssl", "genrsa", "-out", $file, "3072";
+  chmod 0640, $file;
   umask $oldmask;
 }
 
Manage DKIM keys.