Set correct user/group (tang/tang) in tangd-keygen

Resolves: rhbz#2188743

Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>

0004-Set-tang-owner-group.patch

@@ -0,0 +1,26 @@
+--- tang-7.ori/src/tangd-keygen	2023-07-21 11:45:39.091100369 +0200
++++ tang-7/src/tangd-keygen	2023-07-21 11:47:58.813612221 +0200
+@@ -20,6 +20,13 @@
+ 
+ trap 'exit' ERR
+ 
++set_perms() {
++    chmod -- 0440 "${1}"
++    if ! chown -- "tang:tang" "${1}" 2>/dev/null; then
++        echo "Unable to change owner/group for ${1} to tang:tang" >&2
++    fi
++}
++
+ if [ $# -ne 1 -a $# -ne 3 ] || [ ! -d "$1" ]; then
+     echo "Usage: $0 <jwkdir> [<sig> <exc>]" >&2
+     exit 1
+@@ -32,7 +39,9 @@
+ jwe=`jose jwk gen -i '{"alg":"ES512"}'`
+ [ -z "$sig" ] && sig=`echo "$jwe" | jose jwk thp -i-`
+ echo "$jwe" > $1/$sig.jwk
++set_perms "$1/$sig.jwk"
+ 
+ jwe=`jose jwk gen -i '{"alg":"ECMR"}'`
+ [ -z "$exc" ] && exc=`echo "$jwe" | jose jwk thp -i-`
+ echo "$jwe" > $1/$exc.jwk
++set_perms "$1/$exc.jwk"

tang.spec

@@ -1,6 +1,6 @@
 Name:           tang
 Version:        7
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        Network Presence Binding Daemon
 
 License:        GPLv3+
@@ -9,6 +9,7 @@ Source0:        https://github.com/latchset/%{name}/releases/download/v%{version
 Patch1: 0001-Move-key-generation-to-tang.patch
 Patch2: 0002-Exit-with-success-unless-the-issue-was-with-with-tan.patch
 Patch3: 0003-Fix-permissions-race-condition.patch
+Patch4: 0004-Set-tang-owner-group.patch
 
 BuildRequires:  gcc
 BuildRequires:  autoconf
@@ -90,6 +91,10 @@ exit 0
 %{_mandir}/man1/tang-show-keys.1*
 
 %changelog
+* Fri Jul 21 2023 Sergio Arroutbi <sarroutb@redhat.com> - 7-8
+- Set correct user/group (tang/tang) in tangd-keygen
+  Resolves: rhbz#2188743
+
 * Wed Jun 28 2023 Sergio Arroutbi <sarroutb@redhat.com> - 7-7
 - Fix race condition when creating/rotating keys
   Resolves: rhbz#2182410