16803: Tweak permission setting on created files/dirs

Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz@curii.com>

diff --git a/services/login-sync/bin/arvados-login-sync b/services/login-sync/bin/arvados-login-sync
index 61260990c90137c72400a06a615d5e5b7d870b56..aee911cfc43fca5806e700a40437f2641d63abe8 100755 (executable)
--- a/services/login-sync/bin/arvados-login-sync
+++ b/services/login-sync/bin/arvados-login-sync
@@ -154,8 +154,6 @@ begin
     userdotconfig = File.join(homedir, ".config")
     if !File.exist?(userdotconfig)
       Dir.mkdir(userdotconfig)
-      FileUtils.chown_R(l[:username], nil, userdotconfig)
-      File.chmod(0700, userdotconfig)
     end
 
     configarvados = File.join(userdotconfig, "arvados")
@@ -170,18 +168,21 @@ begin
         f.write("ARVADOS_API_HOST=#{ENV['ARVADOS_API_HOST']}\n")
         f.write("ARVADOS_API_TOKEN=v2/#{user_token[:uuid]}/#{user_token[:api_token]}\n")
         f.close()
-        File.chmod(0600, tokenfile)
       end
     rescue => e
       STDERR.puts "Error setting token for #{l[:username]}: #{e}"
     end
 
     FileUtils.chown_R(l[:username], nil, userdotssh)
-    FileUtils.chown_R(l[:username], nil, configarvados)
+    FileUtils.chown_R(l[:username], nil, userdotconfig)
     File.chmod(0700, userdotssh)
+    File.chmod(0700, userdotconfig)
+    File.chmod(0700, configarvados)
     File.chmod(0750, homedir)
     File.chmod(0600, keysfile)
-    File.chmod(0700, configarvados)
+    if File.exist?(tokenfile)
+      File.chmod(0600, tokenfile)
+    end
   end
 
   devnull.close