alee/relicario
1
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

fix(cli/org): rotate-key writes member key blobs atomically (crash-safe)

Browse Source
This commit is contained in:
adlee-was-taken
2026-06-20 13:17:16 -04:00
parent 558da3bd75
commit 3b6dbbe353
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/relicario-cli/src/commands/org.rs
View File

@@ -376,7 +376,7 @@ pub fn run_rotate_key(dir: &Path) -> Result<()> {
let wrapped = wrap_org_key(&new_org_key, &member.ed25519_pubkey) let wrapped = wrap_org_key(&new_org_key, &member.ed25519_pubkey)
.with_context(|| format!("wrap key for {}", member.display_name))?; .with_context(|| format!("wrap key for {}", member.display_name))?;
let key_path = vault.member_key_path(&member.member_id); let key_path = vault.member_key_path(&member.member_id);
fs::write(&key_path, &wrapped) crate::org_session::atomic_write(&key_path, &wrapped)
.with_context(|| format!("write key for {}", member.display_name))?; .with_context(|| format!("write key for {}", member.display_name))?;
staged_paths.push(format!("keys/{}.enc", member.member_id.as_str())); staged_paths.push(format!("keys/{}.enc", member.member_id.as_str()));
} }