From fdfae9c49ada3dd757db86084e5fdb07176a03e5 Mon Sep 17 00:00:00 2001
From: Brian Picciano <me@mediocregopher.com>
Date: Sun, 14 Jul 2024 15:50:24 +0200
Subject: [PATCH] Write files to runtime dir with write permissions, so they
 can be overwritten by the restartLoop

---
 go/daemon/child_nebula.go  | 2 +-
 go/garage/garagesrv/tpl.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/go/daemon/child_nebula.go b/go/daemon/child_nebula.go
index 6acc88d..d21f59a 100644
--- a/go/daemon/child_nebula.go
+++ b/go/daemon/child_nebula.go
@@ -137,7 +137,7 @@ func nebulaPmuxProcConfig(
 
 	nebulaYmlPath := filepath.Join(runtimeDirPath, "nebula.yml")
 
-	if err := yamlutil.WriteYamlFile(config, nebulaYmlPath, 0440); err != nil {
+	if err := yamlutil.WriteYamlFile(config, nebulaYmlPath, 0600); err != nil {
 		return pmuxlib.ProcessConfig{}, fmt.Errorf("writing nebula.yml to %q: %w", nebulaYmlPath, err)
 	}
 
diff --git a/go/garage/garagesrv/tpl.go b/go/garage/garagesrv/tpl.go
index adb7df3..27ff3c5 100644
--- a/go/garage/garagesrv/tpl.go
+++ b/go/garage/garagesrv/tpl.go
@@ -58,7 +58,7 @@ func RenderGarageToml(into io.Writer, data GarageTomlData) error {
 func WriteGarageTomlFile(path string, data GarageTomlData) error {
 
 	file, err := os.OpenFile(
-		path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0640,
+		path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600,
 	)
 
 	if err != nil {