diff options
author | Beat Reichenbach <44111292+beatreichenbach@users.noreply.github.com> | 2024-02-22 00:47:43 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-22 08:47:43 +0000 |
commit | c4dfb66d8476d85124242d5d4d7c799567258278 (patch) | |
tree | 6394c82f85b85a79ec966afb2af33d92805de3a4 | |
parent | f4d160684bf36c67d39ea60b9244cdb4c1041d67 (diff) |
docker: Add support for setting umask (#9429)
Add support for setting umask value in the Docker `entrypoint.sh`
script. This is useful when
not syncing permissions and working with groups, and needing umask
values like `002` instead of `022`.
-rw-r--r-- | README-Docker.md | 3 | ||||
-rwxr-xr-x | script/docker-entrypoint.sh | 4 |
2 files changed, 6 insertions, 1 deletions
diff --git a/README-Docker.md b/README-Docker.md index 27acf53aa1..02b0dc5d7b 100644 --- a/README-Docker.md +++ b/README-Docker.md @@ -15,6 +15,9 @@ To grant Syncthing additional capabilities without running as root, use the `PCAP` environment variable with the same syntax as that for `setcap(8)`. For example, `PCAP=cap_chown,cap_fowner+ep`. +To set a different umask value, use the `UMASK` environment variable. For +example `UMASK=002`. + ## Example Usage **Docker cli** diff --git a/script/docker-entrypoint.sh b/script/docker-entrypoint.sh index af87ef80b6..26a0c12c57 100755 --- a/script/docker-entrypoint.sh +++ b/script/docker-entrypoint.sh @@ -2,9 +2,11 @@ set -eu +[ -n "${UMASK:-}" ] && umask "$UMASK" + if [ "$(id -u)" = '0' ]; then binary="$1" - if [ "${PCAP:-}" == "" ] ; then + if [ -z "${PCAP:-}" ]; then # If Syncthing should have no extra capabilities, make sure to remove them # from the binary. This will fail with an error if there are no # capabilities to remove, hence the || true etc. |