From dcb8ec0f1ee43825707d44c2712cb133fea6b31a Mon Sep 17 00:00:00 2001
From: paspo <paolo@asperti.com>
Date: Fri, 28 Mar 2025 15:04:48 +0100
Subject: [PATCH] set authorized_keys permissions

---
 rootfs-php74/app/entrypoint.sh | 7 +++++++
 rootfs/app/entrypoint.sh       | 7 +++++++
 2 files changed, 14 insertions(+)

diff --git a/rootfs-php74/app/entrypoint.sh b/rootfs-php74/app/entrypoint.sh
index f9e9265..1667944 100755
--- a/rootfs-php74/app/entrypoint.sh
+++ b/rootfs-php74/app/entrypoint.sh
@@ -60,6 +60,13 @@ for keytype in ecdsa rsa ed25519 ; do
   chmod 0600 "/ssh/ssh_host_${keytype}_key"
   chmod 0644 "/ssh/ssh_host_${keytype}_key.pub"
 done
+
+# set authorized_keys permissions
+if [ -f /ssh/authorized_keys ] ; then
+  chmod 0600 /ssh/authorized_keys
+  chown "${USERNAME}:${GROUPNAME}" /ssh/authorized_keys
+fi
+
 chmod 0700 "${WEBROOT}/.ssh"
 /usr/sbin/sshd -e
 
diff --git a/rootfs/app/entrypoint.sh b/rootfs/app/entrypoint.sh
index 5af895b..0918b99 100755
--- a/rootfs/app/entrypoint.sh
+++ b/rootfs/app/entrypoint.sh
@@ -70,6 +70,13 @@ for keytype in ecdsa rsa ed25519 ; do
   chmod 0600 "/ssh/ssh_host_${keytype}_key"
   chmod 0644 "/ssh/ssh_host_${keytype}_key.pub"
 done
+
+# set authorized_keys permissions
+if [ -f /ssh/authorized_keys ] ; then
+  chmod 0600 /ssh/authorized_keys
+  chown "${USERNAME}:${GROUPNAME}" /ssh/authorized_keys
+fi
+
 chmod 0700 "${WEBROOT}/.ssh"
 /usr/sbin/sshd -e