2 files changed, 11 insertions, 3 deletions

diff --git a/src/or/router.c b/src/or/router.c
index 2d8208aa04..e4fa72a283 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -849,7 +849,12 @@ init_keys(void)
   if (init_keys_common() < 0)
     return -1;
   /* Make sure DataDirectory exists, and is private. */
-  if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
+  cpd_check_t cpd_opts = CPD_CREATE;
+  if (options->DataDirectoryGroupReadable)
+    cpd_opts |= CPD_GROUP_READ;
+  if (check_private_dir(options->DataDirectory, cpd_opts, options->User)) {
+    log_err(LD_OR, "Can't create/check datadirectory %s",
+            options->DataDirectory);
     return -1;
   }
   /* Check the key directory. */
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 51802b15e5..e20787123e 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -785,8 +785,11 @@ load_ed_keys(const or_options_t *options, time_t now)
     if (options->command == CMD_KEYGEN)
       flags |= INIT_ED_KEY_TRY_ENCRYPTED;
 
-    /* Check the key directory */
-    if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
+    /* Check/Create the key directory */
+    cpd_check_t cpd_opts = CPD_CREATE;
+    if (options->DataDirectoryGroupReadable)
+      cpd_opts |= CPD_GROUP_READ;
+    if (check_private_dir(options->DataDirectory, cpd_opts, options->User)) {
       log_err(LD_OR, "Can't create/check datadirectory %s",
               options->DataDirectory);
       goto err;