diff --git a/cmd/dkl-local-server/bootv2.go b/cmd/dkl-local-server/bootv2.go index ba7e97f..cb7160f 100644 --- a/cmd/dkl-local-server/bootv2.go +++ b/cmd/dkl-local-server/bootv2.go @@ -66,13 +66,16 @@ func buildInitrd(out io.Writer, ctx *renderContext) (err error) { if err != nil { return } - cat.AppendBytes(cfgBytes, "config.yaml", 0600) + cat.AppendBytes(cfgBytes, "config.yaml", 0o600) // ssh keys - // XXX do we want a bootstrap-stage key instead of the real host key? + cat.AppendDir("/etc", 0o755) + cat.AppendDir("/etc/ssh", 0o700) + + // XXX do we want bootstrap-stage keys instead of the real host key? for _, format := range []string{"rsa", "dsa", "ecdsa", "ed25519"} { keyPath := "/etc/ssh/ssh_host_" + format + "_key" - cat.AppendBytes(cfg.FileContent(keyPath), keyPath, 0600) + cat.AppendBytes(cfg.FileContent(keyPath), keyPath, 0o600) } // ssh user CA diff --git a/go.mod b/go.mod index 809db17..e16b575 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( gopkg.in/yaml.v2 v2.4.0 k8s.io/apimachinery v0.33.2 m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766 - novit.tech/direktil/pkg v0.0.0-20250628165657-648e16ad9855 + novit.tech/direktil/pkg v0.0.0-20250630100055-554aaf0a8931 ) replace github.com/zmap/zlint/v3 => github.com/zmap/zlint/v3 v3.3.1 diff --git a/go.sum b/go.sum index 5a175b3..8561105 100644 --- a/go.sum +++ b/go.sum @@ -539,3 +539,5 @@ novit.tech/direktil/pkg v0.0.0-20240415130406-0d2e181a4ed6 h1:D0TN5GyZ4d88ILpgVZ novit.tech/direktil/pkg v0.0.0-20240415130406-0d2e181a4ed6/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10= novit.tech/direktil/pkg v0.0.0-20250628165657-648e16ad9855 h1:/wfTtrkOvfTXJw/JVAJwezMly8bu5Ix1S02kx8kEtg0= novit.tech/direktil/pkg v0.0.0-20250628165657-648e16ad9855/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10= +novit.tech/direktil/pkg v0.0.0-20250630100055-554aaf0a8931 h1:q49xx2xpk7ot5dBTuSiCr5hTkynycdT1w0AcfTEFyxw= +novit.tech/direktil/pkg v0.0.0-20250630100055-554aaf0a8931/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10=