diff --git a/certidude/cli.py b/certidude/cli.py index 3033a46..bb67d39 100755 --- a/certidude/cli.py +++ b/certidude/cli.py @@ -1162,6 +1162,9 @@ def certidude_serve(port, listen, fork): if not os.path.exists(const.RUN_DIR): click.echo("Creating: %s" % const.RUN_DIR) os.makedirs(const.RUN_DIR) + os.chmod(const.RUN_DIR, 0755) + + # TODO: umask! import pwd _, _, uid, gid, gecos, root, shell = pwd.getpwnam("certidude") diff --git a/tests/test_cli.py b/tests/test_cli.py index 947db23..d229372 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -41,14 +41,12 @@ def test_cli_setup_authority(): os.kill(int(fh.read()), 15) except OSError: pass - os.unlink("/run/certidude/signer.pid") if os.path.exists("/run/certidude/server.pid"): with open("/run/certidude/server.pid") as fh: try: os.kill(int(fh.read()), 15) except OSError: pass - os.unlink("/run/certidude/server.pid") if os.path.exists("/var/lib/certidude/ca.example.lan"): shutil.rmtree("/var/lib/certidude/ca.example.lan") @@ -56,6 +54,8 @@ def test_cli_setup_authority(): os.unlink("/etc/certidude/server.conf") if os.path.exists("/etc/certidude/client.conf"): os.unlink("/etc/certidude/client.conf") + if os.path.exists("/run/certidude"): + shutil.rmtree("/run/certidude") # Remove OpenVPN stuff if os.path.exists("/etc/openvpn"):