open-source/qinglong
1
0
Fork 0
mirror of https://github.com/whyour/qinglong.git synced 2025-11-09 16:16:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix SSH config file permissions race condition

Browse Source 
- Modified writeFileWithLock to create files with correct permissions immediately
- Changed string mode values to proper octal numbers (0o600, 0o400)
- This eliminates the race condition where files existed with wrong permissions

Co-authored-by: whyour <22700758+whyour@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2025-11-07 16:18:49 +00:00
parent 8998b4078f
commit 62831835a5
3 changed files with 13121 additions and 9998 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
back/services/sshKey.ts
View File

@ -26,13 +26,13 @@ export default class SshKeyService {
if (_exist) { if (_exist) {
config = await fs.readFile(this.sshConfigFilePath, { encoding: 'utf-8' }); config = await fs.readFile(this.sshConfigFilePath, { encoding: 'utf-8' });
} else { } else {
await writeFileWithLock(this.sshConfigFilePath, '', { mode: '600' }); await writeFileWithLock(this.sshConfigFilePath, '', { mode: 0o600 });
} }
if (!config.includes(this.sshConfigHeader)) { if (!config.includes(this.sshConfigHeader)) {
await writeFileWithLock( await writeFileWithLock(
this.sshConfigFilePath, this.sshConfigFilePath,
`${this.sshConfigHeader}\n\n${config}`, `${this.sshConfigHeader}\n\n${config}`,
{ mode: '600' }, { mode: 0o600 },
); );
} }
} }
@ -46,7 +46,7 @@ export default class SshKeyService {
path.join(this.sshPath, alias), path.join(this.sshPath, alias),
`${key}${os.EOL}`, `${key}${os.EOL}`,
{ {
mode: '400', mode: 0o400,
}, },
); );
} catch (error) { } catch (error) {
@ -83,7 +83,7 @@ export default class SshKeyService {
config, config,
{ {
encoding: 'utf8', encoding: 'utf8',
mode: '600', mode: 0o600,
}, },
); );
} }

7
back/shared/utils.ts
View File

@ -20,8 +20,10 @@ export async function writeFileWithLock(
options = { encoding: options }; options = { encoding: options };
} }
if (!(await fileExist(filePath))) { if (!(await fileExist(filePath))) {
const fileHandle = await open(filePath, 'w'); // Create the file with the specified mode if provided, otherwise use default
fileHandle.close(); const fileMode = options?.mode || 0o666;
const fileHandle = await open(filePath, 'w', fileMode);
await fileHandle.close();
} }
const lockfilePath = getUniqueLockPath(filePath); const lockfilePath = getUniqueLockPath(filePath);
@ -35,6 +37,7 @@ export async function writeFileWithLock(
lockfilePath, lockfilePath,
}); });
await writeFile(filePath, content, { encoding: 'utf8', ...options }); await writeFile(filePath, content, { encoding: 'utf8', ...options });
// Ensure the mode is set correctly even if the file already existed
if (options?.mode) { if (options?.mode) {
await chmod(filePath, options.mode); await chmod(filePath, options.mode);
} }

23104
pnpm-lock.yaml
View File

File diff suppressed because it is too large Load Diff