acmetool removes hook file executable bit

[retrogradeorbit]

Placing an executable file in the hooks directory results in acmetool removing the executable bit and then failing:

root@git:~# ls -alF /var/lib/acme/hooks/remote-dns
-rwxr-xr-x 1 root root 129 Aug 15 15:26 /var/lib/acme/hooks/remote-dns*

root@git:~# acmetool want my.domain.com
20190815154746 [WARN] fdb: "hooks/remote-dns" has wrong mode -rwxr-xr-x, changing to -rw-r--r--

... then goes on to fail ...

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic

$ dpkg -l | grep acmetool
ii acmetool 0.0.62-2 amd64 automatic certificate acquisition tool for Let's Encrypt

According to the spec:

The hooks directory MUST contain only executable objects (i.e. executable scripts or binaries or symlinks to them). However, implementations SHOULD ignore non-executable objects. "Executable" here means executable in practical terms, and does not refer merely to the file having the executable bits set in its mode, which is a necessary but not sufficient condition.

[asalmela]

If Ubuntu follows Debian packaging, hooks directory would be /etc/acme/hooks.