From 275b28593ef3a1b9d05b6eeda3ddce2f45f5c06f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Fri, 3 Nov 2023 15:15:06 +0100
Subject: [PATCH] sops-install-secrets: check that both uid & gid are correct
 on mountpoints

---
 pkgs/sops-install-secrets/linux.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/sops-install-secrets/linux.go b/pkgs/sops-install-secrets/linux.go
index 6f50a7a4..3e9e013e 100644
--- a/pkgs/sops-install-secrets/linux.go
+++ b/pkgs/sops-install-secrets/linux.go
@@ -39,7 +39,7 @@ func SecureSymlinkChown(symlinkToCheck, expectedTarget string, owner, group int)
 	if err != nil {
 		return fmt.Errorf("cannot stat '%s': %w", symlinkToCheck, err)
 	}
-	if stat.Uid == uint32(owner) || stat.Gid == uint32(group) {
+	if stat.Uid == uint32(owner) && stat.Gid == uint32(group) {
 		return nil // already correct
 	}