On 14.06.24 11:38, Julien Petit wrote:
We use the mounts to share an initial folder with either rw or ro wrights in a user directory. The user directory is then accessible through a web interface, sftp, webdav and rsync. There is probably better ways to do that now but that's a legacy app (2009) that we'd rather leave alone :)
If there's a better way should be judged on what exactly that app expects. For the web interface, maybe the http server - or whatever makes the web interface accessible to the users - can limit permissions. For the rest of the use cases it would be interesting which circumstances would need to be fulfilled for a user to be able to change permissions on a file they own. And if they could even change the permissions through sftp, webdav or rsync. Because if not, the simplest fix would be a cron job that peridoically sets the permissions on the directory, so you don't need a dedicated mount. But Maybe you want to create a separate topic where you describe exatcly what the basic requirements are and ask for suggestions what the best solution may be. Maybe something like AppArmor rules or other methods that aren't known by your typical user could be a better solution.
Yes, not urgent and very specific. I'm going to try to set the mounts to private as Max suggested and see how it goes. Thanks for your help.
If you haven't already, remember to create a bug report and include as much detail and logs as you can gather, as people will need to be able to tell what the actual issue is. Maybe it's a limitation of the file system, of the hardware or something else. Richard
