doc: fix .ssh credential examples

Let's create the .ssh dir with the right perms first.

Suggested by @gcb.

Fixes: #28172

diff --git a/docs/CREDENTIALS.md b/docs/CREDENTIALS.md
index 070ef42cf0fd649b4c47e562a29df0aa7d1cfbba..9b27b541cf1c330191dd189d674e43c04aca9279 100644 (file)
--- a/docs/CREDENTIALS.md
+++ b/docs/CREDENTIALS.md
@@ -451,7 +451,7 @@ qemu-system-x86_64 \
         -device scsi-hd,drive=hd,bootindex=1 \
         -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42 \
         -smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 \
-        -smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo "f~ /root/.ssh/authorized_keys 600 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
+        -smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo -e "d /root/.ssh 0750 root root -\nf~ /root/.ssh/authorized_keys 0600 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
 ```
 
 A process on the host can listen for the notification, for example:

diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index 0aabfa625ae40add2bebc0365716edeba6791199..dc8fea23ddb2b7afd1b466bf444013a1ad699eb3 100644 (file)
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -868,7 +868,7 @@ e! /var/cache/krb5rcache - - - 0
     <example>
       <title>Provision SSH public key access for root user via Credentials in QEMU</title>
 
-      <programlisting>-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo "f~ /root/.ssh/authorized_keys 700 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
+      <programlisting>-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo -e "d /root/.ssh 0750 root root -\nf~ /root/.ssh/authorized_keys 0600 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
 </programlisting>
 
       <para>By passing this line to QEMU, the public key of the current user will be encoded in base64, added