twpayne / chezmoi

Manage your dotfiles across multiple diverse machines, securely.
https://www.chezmoi.io/
MIT License

`chezmoi edit-config-template` creates initial template with world-writable permissions #3781

Closed Tblue closed 3 months ago

Tblue commented 3 months ago

Describe the bug

When ~/.config/chezmoi/chezmoi.toml already exists in the target directory, but its template does not yet exist in the source directory, and one then runs `chezmoi edit-config-template`, the config template in the source directory is created with world-writable permissions. This happens even with a umask of e.g. 022.

To reproduce

Expected behavior

.chezmoi.toml.tmpl in the source directory should have secure permissions: it should not be world-writable, just like its rendered version in the target directory.

Output of command with the --verbose flag

$ chezmoi edit-config-template --verbose --no-pager
diff --git a/ b/
old mode 40755
new mode 40777
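Review bot: the `old mode 40755` / `new mode 40777` pair shows that the source directory itself would become world-writable, not only the new template file. A directory with write permission for "other" lets any local account add, remove or replace entries in it, so a fix needs to cover the directory mode as well as the file mode, and an audit of an affected machine should check the directory too.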
diff --git a/.chezmoi.toml.tmpl b/.chezmoi.toml.tmpl
new file mode 100666
index 0000000000000000000000000000000000000000..ae616fe89038d1e735b72546b1140266d083e99a
--- /dev/null
+++ b/.chezmoi.toml.tmpl
@@ -0,0 +1,12 @@
+# ~/.config/chezmoi/chezmoi.toml
+# vim: tw=79
+#
+# See: https://www.chezmoi.io/reference/configuration-file
+#
+# Adheres to TOML v1 syntax: https://toml.io/en/v1.0.0
+
+encryption = "gpg"
+gpg.recipient = "[REDACTED]"
+
+[git]
+autoAdd = true
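Review bot: `new file mode 100666` in the file header is the world-writable mode the report describes. With the umask of 022 reported by `chezmoi doctor`, a plain create would yield 0644, so the displayed mode indicates the requested permissions are applied as-is rather than masked, which is consistent with the later finding that the umask is ignored. The hunk body also shows what that file holds (the `encryption` and `gpg.recipient` settings), so anyone able to write it could change which key the user's secrets are encrypted to; that is the concrete risk behind the mode bits.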

Output of chezmoi doctor

I ran this after the steps used to reproduce the bug, but running it before gives the same output.

```console
$ chezmoi doctor
RESULT   CHECK                      MESSAGE
warning  version                    v2.48.1, built at 2024-05-13T12:57:01Z
ok       latest-version             v2.48.1
ok       os-arch                    linux/amd64 (Arch Linux)
ok       uname                      Linux gumshoe 6.9.2-arch1-1 #1 SMP PREEMPT_DYNAMIC Sun, 26 May 2024 01:30:29 +0000 x86_64 GNU/Linux
ok       go-version                 go1.22.3 (gc)
ok       executable                 /usr/bin/chezmoi
ok       config-file                ~/.config/chezmoi/chezmoi.toml, last modified 2024-05-27T17:43:40+02:00
warning  source-dir                 ~/.local/share/chezmoi is a git working tree (dirty)
ok       suspicious-entries         no suspicious entries
warning  working-tree               ~/.local/share/chezmoi is a git working tree (dirty)
ok       dest-dir                   ~ is a directory
ok       umask                      022
ok       cd-command                 found /bin/zsh
ok       cd-args                    /bin/zsh
info     diff-command               not set
ok       edit-command               found /usr/bin/vim
ok       edit-args                  /usr/bin/vim
ok       git-command                found /usr/bin/git, version 2.45.1
ok       merge-command              found /usr/bin/vimdiff
ok       shell-command              found /bin/zsh
ok       shell-args                 /bin/zsh
info     age-command                age not found in $PATH
ok       gpg-command                found /usr/bin/gpg, version 2.4.5
info     pinentry-command           not set
ok       1password-command          found ~/bin/op, version 2.29.0
info     bitwarden-command          bw not found in $PATH
info     bitwarden-secrets-command  bws not found in $PATH
info     dashlane-command           dcli not found in $PATH
info     doppler-command            doppler not found in $PATH
info     gopass-command             gopass not found in $PATH
info     keepassxc-command          keepassxc-cli not found in $PATH
info     keepassxc-db               not set
info     keeper-command             keeper not found in $PATH
info     lastpass-command           lpass not found in $PATH
info     pass-command               pass not found in $PATH
info     passhole-command           ph not found in $PATH
info     rbw-command                rbw not found in $PATH
info     vault-command              vault not found in $PATH
info     vlt-command                vlt not found in $PATH
info     secret-command             not set
```

Additional context

Only tested with the .toml template, but I'd assume this applies to any configuration language.

Tblue commented 3 months ago

The issue appears to be:

https://github.com/twpayne/chezmoi/blob/8f72b73dc0908b79622b74f4190d5d7537c8f5cc/internal/cmd/editconfigtemplatecmd.go#L50

A bit of digging reveals this completely ignores the umask, and uses the permissions exactly as specified:

https://github.com/twpayne/chezmoi/blob/8f72b73dc0908b79622b74f4190d5d7537c8f5cc/internal/chezmoi/realsystem_unix.go#L134-L137
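The comment above describes the bug class in general terms: a file is written with the requested mode applied exactly, so the process umask never gets a chance to clear the group/other write bits. The following Go program is an added illustration, not chezmoi's own code, and makes no claim about how `realsystem_unix.go` is implemented. It contrasts a writer that forces the requested mode with `chmod` (which the kernel does not subject to the umask) against one that masks the mode itself, and includes a small audit walk a user could run over a dotfiles source directory to find entries that are writable by "other". The function names, the umask value `0o022` and the sample file names are all assumptions of this example.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// applyUmask clears the umask bits from perm. This is what open(2) with
// O_CREAT does for you; chmod(2) does not, which is why forcing a mode
// after creation can leave a file more permissive than the umask allows.
func applyUmask(perm, umask fs.FileMode) fs.FileMode {
	return perm &^ umask
}

// isWorldWritable reports whether the permission bits grant write to "other".
func isWorldWritable(mode fs.FileMode) bool {
	return mode.Perm()&0o002 != 0
}

// writeExactMode reproduces the bug class: the file is created (umask
// applied by the kernel) and then chmod'ed to the literal requested mode,
// which reinstates any bits the umask had removed.
func writeExactMode(path string, data []byte, perm fs.FileMode) error {
	if err := os.WriteFile(path, data, perm); err != nil {
		return err
	}
	return os.Chmod(path, perm) // not subject to umask
}

// writeRespectingUmask masks the requested mode with the umask before
// use, so even a later chmod cannot widen the permissions. The umask is
// passed in explicitly (assumption of this example) because reading it
// via syscall.Umask is process-global and racy in real programs.
func writeRespectingUmask(path string, data []byte, perm, umask fs.FileMode) error {
	perm = applyUmask(perm, umask)
	if err := os.WriteFile(path, data, perm); err != nil {
		return err
	}
	return os.Chmod(path, perm)
}

// findWorldWritable walks root and returns the root-relative paths of all
// entries (files and directories) whose mode grants write to "other".
func findWorldWritable(root string) ([]string, error) {
	var found []string
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		info, err := d.Info()
		if err != nil {
			return err
		}
		if isWorldWritable(info.Mode()) {
			rel, err := filepath.Rel(root, p)
			if err != nil {
				return err
			}
			found = append(found, rel)
		}
		return nil
	})
	return found, err
}

func main() {
	// Constructed scenario: a throwaway directory standing in for a
	// dotfiles source directory, with one file written each way.
	dir, err := os.MkdirTemp("", "umask-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	const umask fs.FileMode = 0o022
	content := []byte("# constructed template content\n")
	if err := writeExactMode(filepath.Join(dir, "bad.tmpl"), content, 0o666); err != nil {
		panic(err)
	}
	if err := writeRespectingUmask(filepath.Join(dir, "good.tmpl"), content, 0o666, umask); err != nil {
		panic(err)
	}

	found, err := findWorldWritable(dir)
	if err != nil {
		panic(err)
	}
	fmt.Println("world-writable entries:", found) // only bad.tmpl is reported
}
```

Running the program under any umask reports only `bad.tmpl`, because the masked writer produces 0644 regardless, while the exact-mode writer ends at 0666 even when the kernel initially created the file as 0644. The audit walk is the piece worth keeping around: pointed at a real source directory it lists every entry, directories included, that a fix like the one referenced in this thread should have left non-world-writable.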

twpayne commented 3 months ago

Thanks for the thorough report! Your analysis was correct. This, and an equivalent bug in `chezmoi edit`, are fixed in #3782.