From 530e10214a6f018909714b288d997df13ab4f9df Mon Sep 17 00:00:00 2001
From: kali <kali@leap.se>
Date: Wed, 8 Aug 2012 06:53:10 +0900
Subject: check for bad permissions on vpn key files

---
 src/leap/util/fileutil.py | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'src/leap/util/fileutil.py')

diff --git a/src/leap/util/fileutil.py b/src/leap/util/fileutil.py
index bb2c243b..cc3bf34b 100644
--- a/src/leap/util/fileutil.py
+++ b/src/leap/util/fileutil.py
@@ -1,10 +1,14 @@
 import errno
 from itertools import chain
+import logging
 import os
 import platform
 import stat
 
 
+logger = logging.getLogger()
+
+
 def is_user_executable(fpath):
     st = os.stat(fpath)
     return bool(st.st_mode & stat.S_IXUSR)
@@ -85,3 +89,23 @@ def mkdir_p(path):
             pass
         else:
             raise
+
+
+def check_and_fix_urw_only(_file):
+    """
+    test for 600 mode and try
+    to set it if anything different found
+    """
+    mode = os.stat(_file).st_mode
+    if mode != int('600', 8):
+        try:
+            logger.warning(
+                'bad permission on %s '
+                'attempting to set 600',
+                _file)
+            os.chmod(_file, stat.S_IRUSR | stat.S_IWUSR)
+        except OSError:
+            logger.error(
+                'error while trying to chmod 600 %s',
+                _file)
+            raise
-- 
cgit v1.2.3