Open joao-fidalgo opened 2 years ago
Yes. For some reason I'm unable to chmod (or chown) any file in the volume. Therefore I'm unable to give execute permissions to shell scripts. I installed csi-rclone using the provided templates.
I think I found a solution.
By default the rclone mount
command sets the mode to 0666
for all files in the mounted volume. See --file-perms FileMode
option. But you can change this behaviour setting a different mode for the --file-perms option
. E.g. --file-perms 0777
will set all files as executable for everyone.
In order to tell csi-rclone to set the --file-perms
option for rclone mount
you need to set e.g. file-perms: "0777"
under volumeAttributes
in the PersistentVolume (or in the rclone-secret
Secret stringData
).
Example of PersistentVolume:
apiVersion: v1
kind: PersistentVolume
metadata:
name: data-rclone-example
labels:
name: data-rclone-example
spec:
accessModes:
- ReadWriteMany
capacity:
storage: 10Gi
storageClassName: rclone
csi:
driver: csi-rclone
volumeHandle: data-id
volumeAttributes:
remote: "s3"
remotePath: "projectname/pvname"
file-perms: "0777"
s3-provider: "Minio"
s3-endpoint: "http://minio.minio:9000"
s3-access-key-id: "ACCESS_KEY_ID"
s3-secret-access-key: "SECRET_ACCESS_KEY"
Example of Secret:
apiVersion: v1
kind: Secret
metadata:
name: rclone-secret
namespace: csi-rclone
type: Opaque
stringData:
remote: "my-s3"
remotePath: "projectname"
file-perms: "0777"
configData: |
[my-s3]
type = s3
provider = Minio
access_key_id = ACCESS_KEY_ID
secret_access_key = SECRET_ACCESS_KEY
endpoint = http://minio-release.default:9000
The option set in the PersistentVolume takes precedence over the option set in the Secret, according to csi-rclone readme.
I tried the above approach and managed to execute scripts on the mounted volume.
You can set a different File Mode for file-perms
if you want to limit the permissions to the user or group. There is also another rclone mount
option called dir-perms
which does the same for directories in the volume.
Unfortunately my understanding is that rclone does not allow you to set specific file permissions on specific files in the mounted volume, or to chmod files on the volume after it has been mounted. Therefore whatever file-perms
you set will apply to all files. In the example above, all files in the volume will be executable by everybody, not just shell scripts. There doesn't appear to be a work around for that.
Hello,
I'm using csi-rclone with the GitLab Runners helm chart in order to provide RWX volumes.
Getting permission denied executing shell scripts that are pulled through git. Has anyone experienced permission issues?