pkg/build: chmod output ssh key

ssh is very picky about ssh key permissions. Let's enforce the right persmissions without bothering user with this.
author: Dmitry Vyukov <dvyukov@google.com> 2020-05-29 08:30:49 +0200
committer: Dmitry Vyukov <dvyukov@google.com> 2020-05-29 08:30:49 +0200
commit: 7e7ceb21ba30cacae05f29b2f574b9175ccfd425 (patch)
tree: fb3d2d182f25302fe102ad78d53bad346b455be2 /pkg
parent: d19ed305ae462d0bd5b11771f2180cab2d35a954 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/pkg/build/build.go b/pkg/build/build.go
index d9f7a7713..b51f1f78b 100644
--- a/pkg/build/build.go
+++ b/pkg/build/build.go
@@ -7,6 +7,7 @@ package build
 import (
 	"bytes"
 	"fmt"
+	"os"
 	"path/filepath"
 	"regexp"
 	"strings"
@@ -65,6 +66,11 @@ func Image(params *Params) (string, error) {
 	if err != nil {
 		return "", extractRootCause(err, params.TargetOS, params.KernelDir)
 	}
+	if key := filepath.Join(params.OutputDir, "key"); osutil.IsExist(key) {
+		if err := os.Chmod(key, 0600); err != nil {
+			return "", fmt.Errorf("failed to chmod 0600 %v: %v", key, err)
+		}
+	}
 	sign := ""
 	if signer, ok := builder.(signer); ok {
 		sign, err = signer.sign(params)
author	Dmitry Vyukov <dvyukov@google.com>	2020-05-29 08:30:49 +0200
committer	Dmitry Vyukov <dvyukov@google.com>	2020-05-29 08:30:49 +0200
commit	7e7ceb21ba30cacae05f29b2f574b9175ccfd425 (patch)
tree	fb3d2d182f25302fe102ad78d53bad346b455be2 /pkg
parent	d19ed305ae462d0bd5b11771f2180cab2d35a954 (diff)