Improve lint/vet reliability and refactor client runtime/bootstrap

author: Paul Buetow <paul@buetow.org> 2026-03-05 08:50:33 +0200
committer: Paul Buetow <paul@buetow.org> 2026-03-05 08:50:33 +0200
commit: 5d1b9f1062d38c301c0995ec6da980bdf5e48332 (patch)
tree: 81e1a8963ea66cf06164e89beb6cd2da0ee325f7 /internal/ssh/client
parent: bb46cfbccea301721fb93485ea7169f5841feda3 (diff)
1 files changed, 7 insertions, 3 deletions
diff --git a/internal/ssh/client/knownhostscallback.go b/internal/ssh/client/knownhostscallback.go
index 9c73864..26ab245 100644
--- a/internal/ssh/client/knownhostscallback.go
+++ b/internal/ssh/client/knownhostscallback.go
@@ -243,8 +243,7 @@ func (c *KnownHostsCallback) trustHosts(hosts []unknownHost) {
 	}
 
 	// Read old known hosts file, to see which are old and new entries
-	os.OpenFile(c.knownHostsPath, os.O_RDONLY|os.O_CREATE, 0666)
-	oldFd, err := os.Open(c.knownHostsPath)
+	oldFd, err := os.OpenFile(c.knownHostsPath, os.O_RDONLY|os.O_CREATE, 0600)
 	if err != nil {
 		panic(err)
 	}
@@ -257,9 +256,14 @@ func (c *KnownHostsCallback) trustHosts(hosts []unknownHost) {
 		address := strings.SplitN(line, " ", 2)[0]
 
 		if _, ok := addresses[address]; !ok {
-			newFd.WriteString(fmt.Sprintf("%s\n", line))
+			if _, err := newFd.WriteString(fmt.Sprintf("%s\n", line)); err != nil {
+				panic(err)
+			}
 		}
 	}
+	if err := scanner.Err(); err != nil {
+		panic(err)
+	}
 
 	// Now, replace old known hosts file
 	if err := os.Rename(tmpKnownHostsPath, c.knownHostsPath); err != nil {
author	Paul Buetow <paul@buetow.org>	2026-03-05 08:50:33 +0200
committer	Paul Buetow <paul@buetow.org>	2026-03-05 08:50:33 +0200
commit	5d1b9f1062d38c301c0995ec6da980bdf5e48332 (patch)
tree	81e1a8963ea66cf06164e89beb6cd2da0ee325f7 /internal/ssh/client
parent	bb46cfbccea301721fb93485ea7169f5841feda3 (diff)