From 6a7e6b4499115e52cc6ec1abb799f6a7d14d2168 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat, 14 Jul 2018 15:06:39 +0100
Subject: [PATCH] AWS: Give setup user permissions to read its own SSH keys

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/initscripts/helper/aws-setup | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/initscripts/helper/aws-setup b/src/initscripts/helper/aws-setup
index 2f4300d17d..d8c7a358cb 100644
--- a/src/initscripts/helper/aws-setup
+++ b/src/initscripts/helper/aws-setup
@@ -101,9 +101,11 @@ import_aws_configuration() {
 		if [ -n "${key}" ] && ! grep -q "^${key}$" "/home/setup/.ssh/authorized_keys" 2>/dev/null; then
 			mkdir -p "/home/setup/.ssh"
 			chmod 700 "/home/setup/.ssh"
+			chown setup.nobody "/home/setup/.ssh"
 
 			echo "${key}" >> "/home/setup/.ssh/authorized_keys"
 			chmod 600 "/home/setup/.ssh/authorized_keys"
+			chown setup.nobody "/home/setup/.ssh/authorized_keys"
 		fi
 	done
 
-- 
2.39.5