From bcf911daf10e6fa148bfce8a6e091bda42ebd62c Mon Sep 17 00:00:00 2001
From: Shane McDonald <me@shanemcd.com>
Date: Mon, 19 Apr 2021 18:35:24 -0400
Subject: [PATCH] Fix permission assignment on rendered registry auth files

- This file shouldnt need the executable bit
- Should have been setting permissions before writing any data
- No need to close the file since we're using open w/ a context manager
---
 awx/main/tasks.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index da8b971881..15c0dc9c6c 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -878,14 +878,14 @@ class BaseTask(object):
             if cred.has_inputs(field_names=('host', 'username', 'password')):
                 path = os.path.split(private_data_dir)[0]
                 with open(path + '/auth.json', 'w') as authfile:
+                    os.chmod(authfile.name, stat.S_IRUSR | stat.S_IWUSR)
+
                     host = cred.get_input('host')
                     username = cred.get_input('username')
                     password = cred.get_input('password')
                     token = "{}:{}".format(username, password)
                     auth_data = {'auths': {host: {'auth': b64encode(token.encode('ascii')).decode()}}}
                     authfile.write(json.dumps(auth_data, indent=4))
-                authfile.close()
-                os.chmod(authfile.name, stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR)
                 params["container_options"].append(f'--authfile={authfile.name}')
             else:
                 raise RuntimeError('Please recheck that your host, username, and password fields are all filled.')