forked from TrueCloudLab/restic
21 lines
1,016 B
Text
21 lines
1,016 B
Text
Enhancement: Use config file permissions to control file group access
|
|
|
|
Previously files in a local/SFTP repository would always end up with very
|
|
restrictive access permissions, allowing access only to the owner. This
|
|
prevented a number of valid use-cases involving groups and ACLs.
|
|
|
|
We now use the permissions of the config file in the repository to decide
|
|
whether group access should be given to newly created repository files or
|
|
not. We arrange for repository files to be created group readable exactly
|
|
when the repository config file is group readable.
|
|
|
|
To opt-in to group readable repositories, a simple `chmod -R g+r` or
|
|
equivalent on the config file can be used. For repositories that should
|
|
be writable by group members a tad more setup is required, see the docs.
|
|
|
|
Posix ACLs can also be used now that the group permissions being forced to
|
|
zero no longer masks the effect of ACL entries.
|
|
|
|
https://github.com/restic/restic/issues/2351
|
|
https://github.com/restic/restic/pull/3419
|
|
https://forum.restic.net/t/1391
|