Red Hat Bugzilla – Bug 354381
server key file has wrong permissions, passphrase file gets overwritten
Last modified: 2007-11-30 17:12:20 EST
Description of problem:

First, more severe problem: Running 'service monotone genkey' generates a new
key in /etc/monotone/private-keys/HOSTNAME, with permissions '0600', and
ownership 'root:monotone'. The monotone server process runs as
user 'monotone', thus it cannot read that file, and will refuse to start.
Permissions should be changed to '0640' after generation by the init script.

Second, minor problem: If HOSTNAME changes for some reason, and 'service
monotone genkey' is run a second time (maybe by mistake), a new key file will
be generated (no problem), but /etc/monotone/passphrase.lua will silently be
overwritten, so the old server key is essentially lost. Easiest solution would
be to make the init script refuse to generate a second key if passphrase.lua
is already present.

Version-Release number of selected component (if applicable):
monotone-0.37-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
monotone-0.37-3.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
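
The two fixes proposed in the description (key file set to 0640 after generation, and refusing to generate when the passphrase file already exists), as an added shell example that is not the Fedora init script. The key generator `fake_keygen` is a constructed stand-in for the real generation step, and the key directory, passphrase path, host name and group are parameters rather than the packaged values.

```shell
#!/bin/sh
# Added example, not the packaged init script.

# fake_keygen KEYFILE PASSFILE HOST
# Constructed stand-in for the real key generation step. Like the behaviour
# in the report, it creates both files owner-only and overwrites PASSFILE.
fake_keygen() {
    ( umask 077
      printf 'constructed-key-for-%s\n' "$3" > "$1" &&
      printf 'constructed-passphrase-for-%s\n' "$3" > "$2" )
}

# key_mode FILE: print the ls-style mode string, e.g. "-rw-r-----".
key_mode() {
    ls -ld "$1" | cut -c1-10
}

# guarded_genkey KEYDIR PASSFILE HOST GROUP
# Returns 0 on success, 2 when generation is refused, 1 on any other failure.
guarded_genkey() {
    keydir=$1 passfile=$2 host=$3 group=$4
    keyfile="$keydir/$host"

    # Second problem in the report: never overwrite an existing passphrase
    # file, because the old server key becomes unusable without it.
    if [ -e "$passfile" ]; then
        echo "genkey: $passfile already exists, refusing to generate" >&2
        return 2
    fi
    if [ -e "$keyfile" ]; then
        echo "genkey: $keyfile already exists, refusing to generate" >&2
        return 2
    fi

    fake_keygen "$keyfile" "$passfile" "$host" || return 1

    # First problem in the report: the key is created 0600 and owned by the
    # generating user, so the server account (a member of GROUP) cannot read
    # it. Give the group read access and nothing to others.
    chgrp "$group" "$keyfile" || return 1
    chmod 0640 "$keyfile" || return 1
}
```
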