From 532eb20d0705592e315d6f6b731de340c7621f0b Mon Sep 17 00:00:00 2001
From: Michael Mandl <mandlm@molez.net>
Date: Thu, 12 Nov 2020 11:29:33 +0100
Subject: [PATCH] Set permissions for bin and .gnupg

---
 roles/pinentry-wsl/tasks/main.yaml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/roles/pinentry-wsl/tasks/main.yaml b/roles/pinentry-wsl/tasks/main.yaml
index 7483050..53530f8 100644
--- a/roles/pinentry-wsl/tasks/main.yaml
+++ b/roles/pinentry-wsl/tasks/main.yaml
@@ -4,7 +4,7 @@
   file:
       path: "/home/{{ account.name }}/bin"
       state: directory
-      mode: "0777"
+      mode: "0744"
 
 - name: download script
   become_user: "{{ account.name }}"
@@ -25,6 +25,13 @@
       name: gpg-agent
       state: latest
 
+- name: ensure user/.gnupg exists
+  become_user: "{{ account.name }}"
+  file:
+      path: "/home/{{ account.name }}/.gnupg"
+      state: directory
+      mode: "0700"
+
 - name: enable script in gpg-agent
   become_user: "{{ account.name }}"
   lineinfile: