Currently, mount_storages.py scripts executes chmod g+rwx for all nfs storage mounts. In certain cases such mechanism can be too unsecure e.g. ssh keys directory.
Approach
Introduce an optional way to override mount initial mask to be used in chmod call via storage metadata key chmod.
Background
Currently,
mount_storages.pyscripts executeschmod g+rwxfor all nfs storage mounts. In certain cases such mechanism can be too unsecure e.g. ssh keys directory.Approach
Introduce an optional way to override mount initial mask to be used in
chmodcall via storage metadata keychmod.