summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--rotate-keys.in6
1 files changed, 4 insertions, 2 deletions
diff --git a/rotate-keys.in b/rotate-keys.in
index 9299af7..8255729 100644
--- a/rotate-keys.in
+++ b/rotate-keys.in
@@ -45,6 +45,10 @@ host_key_files=$(
if [ "$(whoami)" != "${certificate_user}" ]; then
if [ "$(whoami)" = 'root' ]; then
+ chown -R "${certificate_user}" "${key_dir}"
+ su "${certificate_user}" -s /bin/bash -c "${me}" \
+ || exit $?
+
updated_something=false
for host_key_file in ${host_key_files}; do
if [ -f "${key_dir}/${host_key_file}.key.new" ] \
@@ -68,8 +72,6 @@ if [ "$(whoami)" != "${certificate_user}" ]; then
systemctl try-restart nginx
fi
- chown -R "${certificate_user}" "${key_dir}"
- su "${certificate_user}" -s /bin/bash -c "${me}"
exit $?
fi
>&2 printf 'only root can su %s\n' "${certificate_user}"