metropolis/pkg/efivarfs: write variables with 0644 perms The kernel creates all files with these permissions, so having different ones is useless. Change-Id: Iaafb6080de349f95e566bb2e4faf821864cf75e6 Reviewed-on: https://review.monogon.dev/c/monogon/+/2025 Tested-by: Jenkins CI Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

commit: d07489b551c242df6ed73d07d17b47feb3827b48 [log] [tgz]
author: Tim Windelschmidt <tim@monogon.tech> Thu Aug 03 13:09:02 2023 +0000
committer: Tim Windelschmidt <tim@monogon.tech> Thu Aug 03 15:33:41 2023 +0000
tree: 2684f906758105cb9108c19069091a9d86ad7786
parent: 8e87a062badeb7f6b93c6486925aa99c616cd8a6 [diff]
diff --git a/metropolis/pkg/efivarfs/efivarfs.go b/metropolis/pkg/efivarfs/efivarfs.go
index e751145..97cd43a 100644
--- a/metropolis/pkg/efivarfs/efivarfs.go
+++ b/metropolis/pkg/efivarfs/efivarfs.go

@@ -89,7 +89,7 @@
 // Write writes the value of the named variable in the given scope.
 func Write(scope uuid.UUID, varName string, attrs Attribute, value []byte) error {
 	// Write attributes, see @linux//Documentation/filesystems:efivarfs.rst for format
-	f, err := os.OpenFile(varPath(scope, varName), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	f, err := os.OpenFile(varPath(scope, varName), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
 	if err != nil {
 		e := err
 		// Unwrap PathError here as we wrap our own parameter message around it
commit	d07489b551c242df6ed73d07d17b47feb3827b48	[log] [tgz]
author	Tim Windelschmidt <tim@monogon.tech>	Thu Aug 03 13:09:02 2023 +0000
committer	Tim Windelschmidt <tim@monogon.tech>	Thu Aug 03 15:33:41 2023 +0000
tree	2684f906758105cb9108c19069091a9d86ad7786
parent	8e87a062badeb7f6b93c6486925aa99c616cd8a6 [diff]