Skip to content
This repository has been archived by the owner on May 1, 2024. It is now read-only.

chmod-based shared folder permission system #96

Open
ghost opened this issue Jul 14, 2017 · 2 comments
Open

chmod-based shared folder permission system #96

ghost opened this issue Jul 14, 2017 · 2 comments

Comments

@ghost
Copy link

ghost commented Jul 14, 2017

ACL-based permission management is complicated doesn't work well. I had an idea today for a simple "just make the damn thing world-readable" system that would be based on chmod and file watching.

Because we would repeatedly chmod -R o+rwX folders, it's better if we limit the number of files it targets, so we'll ask users to indicate which subfolders, in their shared folder, should be world-writable. Something like:

shares:
  - source: .
    dest: /lxdockshare
    writable_paths:
      - some/relative/path
      - another/one

Considering that shared folders are mostly only used in development environments, I'm guessing that making some folders world readable isn't much of a problem. We would, of course, clearly indicate the "world readable" aspect of the thing in the docs.

The process would go something like this:

  1. On lxdock up, run chmod -Rf o+rwX on all writable paths, on the host.
  2. On lxdock halt, do the same, but on the guest.
  3. Add a new lxdock sync command that would behave like vagrant rsync-auto (possibly using entr?). It would chmod on both the host and the guest.

This would replace the ACL system.

Closely related to #46. Ping @robvdl .

@robvdl
Copy link
Member

robvdl commented Jul 17, 2017

I have to have a think about this, because things are currently working :)

The biggest issue I can see here, is all your git files becoming dirty all at the same time, if you mess with perms in the source root of your project

@shuhaowu
Copy link
Contributor

@robvdl how does this issue translate with the new uid/gid map system. Do we still care about it to be open?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants