From 869ac551cff99162fda1eb614bf2c45bfc3e5321 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 14 May 2019 13:55:41 +0200
Subject: [PATCH] core: fix file permissions for
 "/var/lib/NetworkManager/secret_key"

Ooherwise, the file has wrong permissions:

  # ls -la /var/lib/NetworkManager/secret_key
  ----r-xr-x. 1 root root 50 May 14 13:52 /var/lib/NetworkManager/secret_key

Luckily, /var/lib/NetworkManager should be already

  # ls -lad /var/lib/NetworkManager
  drwx------. 2 root root 8192 May 14 13:57 /var/lib/NetworkManager

which mitigates this a bit.

Fixes: dbcb1d6d97c6 ('core: let nm_utils_secret_key_read() handle failures internally')

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/175
(cherry picked from commit dc3a2f9bc4c35030bcaf9e81953daf7894ab62b6)
(cherry picked from commit 2d46247c6ac6f89a0b8bac86d684431c07dc6c8e)
(cherry picked from commit 7a0f8520ffd2173d0912e8cbdd192bc232e92a43)
---
 src/nm-core-utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c
index a65ac6364b..99a62e61f8 100644
--- a/src/nm-core-utils.c
+++ b/src/nm-core-utils.c
@@ -2896,7 +2896,7 @@ _host_id_read (guint8 **out_host_id,
 		} else if (!nm_utils_file_set_contents (SECRET_KEY_FILE,
 		                                        (const char *) new_content,
 		                                        len,
-		                                        0077,
+		                                        0600,
 		                                        &error)) {
 			nm_log_warn (LOGD_CORE, "secret-key: failure to persist secret key in \"%s\" (%s) (use non-persistent key)",
 			             SECRET_KEY_FILE, error->message);