def test_renew_files_permissions(context: IntegrationTestsContext) -> None: """Test proper certificate file permissions upon renewal""" certname = context.get_domain('renew') context.certbot(['-d', certname]) privkey1 = join(context.config_dir, 'archive', certname, 'privkey1.pem') privkey2 = join(context.config_dir, 'archive', certname, 'privkey2.pem') assert_cert_count_for_lineage(context.config_dir, certname, 1) assert_world_no_permissions(privkey1) context.certbot(['renew']) assert_cert_count_for_lineage(context.config_dir, certname, 2) assert_world_no_permissions(privkey2) assert_equals_group_owner(privkey1, privkey2) assert_equals_world_read_permissions(privkey1, privkey2) assert_equals_group_permissions(privkey1, privkey2)
def test_renew_files_permissions(context): """Test proper certificate file permissions upon renewal""" certname = context.get_domain('renew') context.certbot(['-d', certname]) assert_cert_count_for_lineage(context.config_dir, certname, 1) assert_world_permissions( join(context.config_dir, 'archive', certname, 'privkey1.pem'), 0) context.certbot(['renew']) assert_cert_count_for_lineage(context.config_dir, certname, 2) assert_world_permissions( join(context.config_dir, 'archive', certname, 'privkey2.pem'), 0) assert_equals_group_owner( join(context.config_dir, 'archive', certname, 'privkey1.pem'), join(context.config_dir, 'archive', certname, 'privkey2.pem')) assert_equals_permissions( join(context.config_dir, 'archive', certname, 'privkey1.pem'), join(context.config_dir, 'archive', certname, 'privkey2.pem'), 0o074)