From 466db83901c18a634b21394dc25ada6bb0c36c8a Mon Sep 17 00:00:00 2001
From: Stefan Agner <stefan@agner.ch>
Date: Tue, 28 Mar 2023 18:18:58 +0200
Subject: [PATCH] Set umask on swapfile creation (#2436)

Make sure the swapfile is only readable by the owner.
---
 buildroot-external/rootfs-overlay/usr/libexec/haos-swapfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/buildroot-external/rootfs-overlay/usr/libexec/haos-swapfile b/buildroot-external/rootfs-overlay/usr/libexec/haos-swapfile
index add55a130..46080ff76 100755
--- a/buildroot-external/rootfs-overlay/usr/libexec/haos-swapfile
+++ b/buildroot-external/rootfs-overlay/usr/libexec/haos-swapfile
@@ -14,6 +14,7 @@ if [ ! -s "${swapfile}" ] || [ "$(stat "${swapfile}" -c '%s')" -lt $((swapsize *
 	fi
 
 	echo "[INFO] Creating swapfile of size $((swapsize *4))k"
+	umask 0077
 	dd if=/dev/zero of="${swapfile}" bs=4k count="${swapsize}"
 fi