htpasswd: change tmp permissions

2025-12-12 09:10:30 +08:00 · 2019-02-10 03:57:34 +03:00 · 2019-02-10 03:57:34 +03:00 · d603a216a3
commit d603a216a3
parent 8550ace4a1
1 changed files with 7 additions and 1 deletions
--- a/kvmd/apps/htpasswd/init.py
+++ b/kvmd/apps/htpasswd/init.py
@ -19,11 +19,17 @@ from .. import init
@contextlib.contextmanager
 def _get_htpasswd_for_write(config: Section) -> Generator[passlib.apache.HtpasswdFile, None, None]:
    path = config.kvmd.auth.htpasswd
-    (tmp_fd, tmp_path) = tempfile.mkstemp(prefix=".", dir=os.path.dirname(path))
+    (tmp_fd, tmp_path) = tempfile.mkstemp(
+        prefix=".%s." % (os.path.basename(path)),
+        dir=os.path.dirname(path),
+    )
    try:
+        stat = os.stat(path)
        try:
            with open(path, "rb") as htpasswd_file:
                os.write(tmp_fd, htpasswd_file.read())
+                os.fchown(tmp_fd, stat.st_uid, stat.st_gid)
+                os.fchmod(tmp_fd, stat.st_mode)
        finally:
            os.close(tmp_fd)
        htpasswd = passlib.apache.HtpasswdFile(tmp_path)