mirrors/sops-nix
mirrors/sops-nix
1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2025-03-05 16:17:47 +00:00
Code Activity

Merge pull request #7 from Mic92/permission-fixes

Browse source
This commit is contained in:
Jörg Thalheim 2020-07-14 13:45:50 +01:00 committed by GitHub
commit 5fbb075966
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
pkgs/sops-install-secrets/main.go
View file

@ -1,6 +1,7 @@
package main
import (
"encoding/hex"
"encoding/json"
"errors"
"fmt"
@ -306,7 +307,8 @@ func atomicSymlink(oldname, newname string) error {
func importSSHKeys(keyPaths []string, gpgHome string) error {
secringPath := filepath.Join(gpgHome, "secring.gpg")
secring, err := os.Create(secringPath)
secring, err := os.OpenFile(secringPath, os.O_WRONLY|os.O_CREATE, 0600)
if err != nil {
return fmt.Errorf("Cannot create %s: %s", secringPath, err)
}
@ -319,9 +321,12 @@ func importSSHKeys(keyPaths []string, gpgHome string) error {
if err != nil {
return err
}
if err := gpgKey.SerializePrivate(secring, nil); err != nil {
return fmt.Errorf("Cannot write secring: %s", err)
}
fmt.Printf("Imported %s with fingerprint %s", path, hex.EncodeToString(gpgKey.PrimaryKey.Fingerprint[:]))
}
return nil