From 115ccd4f08e9971d22012e1f537d1e4976e4745e Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 25 Feb 2020 11:56:55 +0100
Subject: [SSUS] Move chmod/own on taskmanager config so it will be effective

---
 satellit_upgrader/updater.template.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/satellit_upgrader/updater.template.sh b/satellit_upgrader/updater.template.sh
index 3783f39..399c61b 100644
--- a/satellit_upgrader/updater.template.sh
+++ b/satellit_upgrader/updater.template.sh
@@ -302,8 +302,6 @@ mkdir -m 0750 -p "$PATH_TASKMANAGER/config"
 diffcp "taskmanager/config" "$PATH_TASKMANAGER/config/config" && tm_restart=1
 diffcp "taskmanager/environment" "$PATH_TASKMANAGER/config/environment" && tm_restart=4
 diffcp "taskmanager/taskmanager.service" "/etc/systemd/system/taskmanager.service" && tm_restart=111
-chmod 0640 "$PATH_TASKMANAGER/config/config"
-chown -R root:taskmanager "$PATH_TASKMANAGER/config"
 # java app
 if [ -n "$TGZ_TASKMANAGER" ]; then
 	[ -e "$TMPDIR/$TGZ_TASKMANAGER" ] || perror "$TGZ_TASKMANAGER missing from payload"
@@ -321,6 +319,9 @@ if [ -n "$TGZ_TASKMANAGER" ]; then
 	tm_restart=1
 	echo "Taskmanager upgrade complete"
 fi
+# Protect config with password in it
+chmod 0640 "$PATH_TASKMANAGER/config/config"
+chown -R root:taskmanager "$PATH_TASKMANAGER/config"
 # sudo config
 if diffcp "tm-sudo-config" "/etc/sudoers.d/taskmanager" "Installing new sudo config for taskmanager"; then
 	chmod 0440 "/etc/sudoers.d/taskmanager"
-- 
cgit v1.2.3-55-g7522