From a30d143228b4211fd24093c244117e07e9409de5 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 19 Nov 2019 11:59:21 -0500
Subject: Make KeyDirectory's GroupReadable behave the same as
 CacheDirectory's.

In #26913 we solved a bug where CacheDirectoryGroupReadable would
override DataDirectoryGroupReadable when the two directories are the
same.  We never did the same for KeyDirectory, though, because
that's a rare setting.

Now that I'm testing this code, though, fixing this issue seems
fine.  Fixes bug #27992; bugfix on 0.3.3.1-alpha.
---
 doc/tor.1.txt | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'doc')

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index ed9efb6fca..4cbfa01a06 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2589,10 +2589,12 @@ is non-zero):
     running.
     (Default: the "keys" subdirectory of DataDirectory.)
 
-[[KeyDirectoryGroupReadable]] **KeyDirectoryGroupReadable** **0**|**1**::
+[[KeyDirectoryGroupReadable]] **KeyDirectoryGroupReadable** **0**|**1**|**auto**::
     If this option is set to 0, don't allow the filesystem group to read the
-    KeywDirectory. If the option is set to 1, make the KeyDirectory readable
-    by the default GID. (Default: 0)
+    KeyDirectory. If the option is set to 1, make the KeyDirectory readable
+    by the default GID. If the option is "auto", then we use the
+    setting for DataDirectoryGroupReadable when the KeyDirectory is the
+    same as the DataDirectory, and 0 otherwise. (Default: auto)
 
 [[RephistTrackTime]] **RephistTrackTime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**::
     Tells an authority, or other node tracking node reliability and history,
-- 
cgit v1.2.3-54-g00ecf