setup-alpine: include /root instead of only authorized_keys

This works around issue where /root might get world rx permissions. fixes https://gitlab.alpinelinux.org/alpine/alpine-conf/-/issues/10532
author: Natanael Copa <ncopa@alpinelinux.org> 2022-11-18 16:02:12 +0100
committer: Natanael Copa <ncopa@alpinelinux.org> 2022-11-18 16:04:18 +0100
commit: f7038ce6552a5d0a43265ab88f253ce3bc15f6f1 (patch)
tree: 3b5678fc9f03310041e9d2f26e1110020fbef5b2
parent: 937ef1d7aa8452506760cbac6fa2f9485ff14dea (diff)
download: alpine-conf-f7038ce6552a5d0a43265ab88f253ce3bc15f6f1.zip
2 files changed, 2 insertions, 2 deletions
diff --git a/setup-alpine.in b/setup-alpine.in
index fb8a76e..2308f88 100644
--- a/setup-alpine.in
+++ b/setup-alpine.in
@@ -245,7 +245,7 @@ done
 setup-sshd ${ROOTSSHKEY+-k "$ROOTSSHKEY"} ${SSHDOPTS}
 root_keys="$ROOT"/root/.ssh/authorized_keys
 if [ -f "$root_keys" ]; then
-	lbu add "$root_keys"
+	lbu add "$ROOT"/root
 fi
 
 if is_xen_dom0; then
diff --git a/tests/setup_alpine_test b/tests/setup_alpine_test
index 668d20b..82e64b6 100755
--- a/tests/setup_alpine_test
+++ b/tests/setup_alpine_test
@@ -54,7 +54,7 @@ setup_alpine_create_answerfile_body() {
 		|| atf_fail "ssh key not set for juser"
 	grep -x "ssh-rsa blahbla user@example.com" root/.ssh/authorized_keys \
 		|| atf_fail "ssh key not set for root"
-	for file in home/juser root/.ssh/authorized_keys; do
+	for file in home/juser root; do
 		grep -x "+.*$file" etc/apk/protected_paths.d/lbu.list \
 			|| atf_fail "$file was not added to lbu.list"
 	done
author	Natanael Copa <ncopa@alpinelinux.org>	2022-11-18 16:02:12 +0100
committer	Natanael Copa <ncopa@alpinelinux.org>	2022-11-18 16:04:18 +0100
commit	f7038ce6552a5d0a43265ab88f253ce3bc15f6f1 (patch)
tree	3b5678fc9f03310041e9d2f26e1110020fbef5b2
parent	937ef1d7aa8452506760cbac6fa2f9485ff14dea (diff)
download	alpine-conf-f7038ce6552a5d0a43265ab88f253ce3bc15f6f1.zip