Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auto create /tmp/parsec with correct permissions on startup #195

Closed
sbailey-arm opened this issue Jul 3, 2020 · 3 comments
Closed

Auto create /tmp/parsec with correct permissions on startup #195

sbailey-arm opened this issue Jul 3, 2020 · 3 comments
Labels
enhancement New feature or request security Issues related to the security and privacy of the service

Comments

@sbailey-arm
Copy link
Contributor

sbailey-arm commented Jul 3, 2020
edited
Loading

Would it be feasible to have Parsec create the /tmp/parsec directory when it starts, if it doesn't already exist?

If the user that Parsec runs as is already part of parsec-clients, then I think it should just need to execute:

mkdir /tmp/parsec
chown :parsec-clients /tmp/parsec
chmod 750 /tmp/parsec
@hug-dev hug-dev added enhancement New feature or request security Issues related to the security and privacy of the service labels Jul 3, 2020
@hug-dev
Copy link
Member

hug-dev commented Jul 3, 2020

I agree with the idea, that would facilitate deployments as well.

chown :parsec-clients /tmp/parsec

Is it required that the current user is part of the parsec-clients group to execute that?

I can add more, out of my head:

  • if the folder exists, we could make the same checks as the client is doing
  • we could check that the current user is parsec
  • we could check that the parsec-clients group exists
  • we should have all of those checks activated by default, but be able to disable them with a feature, like in the client (and under testing)

That way, the only action needed by the admin would be to create the parsec-clients group.

@ionut-arm
Copy link
Member

we should have all of those checks activated by default, but be able to disable them with a feature, like in the client (and under testing)

we should also have tests where we have it active and we run parsec from different users in a container :)

@hug-dev
Copy link
Member

hug-dev commented Aug 6, 2020

Done by #205

@hug-dev hug-dev closed this as completed Aug 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request security Issues related to the security and privacy of the service
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hug-dev @ionut-arm @sbailey-arm