rsync-server icon indicating copy to clipboard operation
rsync-server copied to clipboard

Published 20 hours ago verified publisher icon axiom-data-science

Remove the chmod and chown for authorized_keys

Open romulus-ai opened this issue 4 years ago • 5 comments

This small step, prevents usage of configmaps for authorized_keys in K8S.

romulus-ai avatar Nov 27 '20 14:11 romulus-ai

Hy,

the chmod and chown is added, to work out of the box with Clusterfilesystem PVC. So the user can send self with ssh-copy-id her public key.

without chmod and chown, the authorized_keys is not working.

i think the solution is, detect if permissions is correct, or if authorized_keys exists on Container creating.

Brawn1 avatar Nov 27 '20 22:11 Brawn1

OK, i see this, and recheck this step. :-)

Brawn1 avatar Nov 27 '20 23:11 Brawn1

@romulus-ai Would you imagine this being controlled by an environmental variable that would disable the authorized_keys file mods, or checking if file existed and already had the correct ownership and permissions before modding? If you had a yaml laying around of how you typically mount authorized_keys using ConfigMaps I would be willing to test it with minikube.

kwilcox avatar Jan 25 '21 20:01 kwilcox

Think the better approach is to check the correct permissions before changing them and to fail if the permissions are wrong and cannot be changed.

romulus-ai avatar Feb 05 '21 09:02 romulus-ai

Potential fix here, reviews/comments welcome.

https://github.com/axiom-data-science/rsync-server/pull/22

srstsavage avatar Feb 21 '24 06:02 srstsavage