From 78a2d50f8ef26db5d0757241446c30587ef54fef Mon Sep 17 00:00:00 2001
From: warroyo <warroyo7199008@gmail.com>
Date: Fri, 13 Nov 2020 13:36:49 -0700
Subject: [PATCH] fixng perms and user

---
 manifest-vds.yml | 2 +-
 proxy.sh         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/manifest-vds.yml b/manifest-vds.yml
index 041e868..5779826 100644
--- a/manifest-vds.yml
+++ b/manifest-vds.yml
@@ -83,7 +83,7 @@ spec:
     spec:
       serviceAccountName: internal-kubectl
       securityContext:
-        runAsUser: 100
+        runAsUser: 1000
         runAsGroup: 1000
         fsGroup: 1000
       containers:
diff --git a/proxy.sh b/proxy.sh
index b95ced3..2d7d692 100755
--- a/proxy.sh
+++ b/proxy.sh
@@ -56,7 +56,7 @@ function run()
       #get the secret for the machine and create a file
       loginfo "getting ssh key for ${cluster}"
       kubectl get secret ${cluster}-ssh -n ${ns} -o jsonpath="{.data.ssh-privatekey}" | base64 -d > /tmp/sshkey.pem
-      chmod 400 /tmp/sshkey.pem
+      chmod 600 /tmp/sshkey.pem
 
       loginfo "attempting ssh to ${ip}"
       ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /tmp/sshkey.pem vmware-system-user@${ip} << EOF