1977er
commented
2 years ago Well, the private keys... I will test, if 0640 or even 0600 is fine with systemd.
Closed AiyionPrime closed 2 years ago
1977er
commented
2 years ago Well, the private keys... I will test, if 0640 or even 0600 is fine with systemd.
AiyionPrime
commented
2 years ago Not sure whether we have non-root daemons that read those. Keep monitoring in sight.
1977er
commented
2 years ago Testing on sn05 with manual changes: setting to 0640 (root:root). If it doesn't burn within the next hour, I will make it persistent.
1977er
commented
2 years ago Closing it for now.
1977er
commented
2 years ago No, can't do. systemd-networkd fails to create wg interfaces in case of 0640. Reverting back to 0644.
/etc/systemd/network/30-wg-10.netdev has 0644 mode that is too permissive