Page 1 of 1

[SOLVED] World-readable permissions on config.xml

Posted: Sat Jan 15, 2022 5:12 pm
by ajgringo619
Is it necessary to have world-readable (644) permissions on /etc/foldingathome/config.xml? Curious why this is the default when passwords/keys are stored there.

Re: World-readable permissions on config.xml

Posted: Sat Jan 15, 2022 10:47 pm
by calxalot
It can be 0600 if you like.

Re: World-readable permissions on config.xml

Posted: Sat Jan 15, 2022 10:49 pm
by ajgringo619
calxalot wrote:It can be 0600 if you like.
Thanks; didn't want to mess anything up when it's working so well.

Re: World-readable permissions on config.xml

Posted: Mon Jan 17, 2022 9:18 pm
by ajgringo619
To make the change permanent, I had to add this to the foldingathome.service file:

Code: Select all

# /etc/systemd/system/foldingathome.service.d/override.conf
[Service]
ExecStartPre=!/usr/bin/chmod 600 /etc/foldingathome/config.xml

Re: World-readable permissions on config.xml

Posted: Mon Jan 17, 2022 11:35 pm
by calxalot
You might want to change the umask for user fahclient

Re: World-readable permissions on config.xml

Posted: Tue Jan 18, 2022 12:20 am
by ajgringo619
calxalot wrote:You might want to change the umask for user fahclient
Not sure how to do this with a dynamic user, but thanks for the suggestion. My chmod command worked, but it went right back to normal after the next WU was started.

Re: World-readable permissions on config.xml

Posted: Tue Jan 18, 2022 1:48 am
by calxalot
I think you can add
UMask=0077
in your FAHClient.service

Re: World-readable permissions on config.xml

Posted: Tue Jan 18, 2022 1:59 am
by ajgringo619
Thank you so much - that did the trick!