I’m quite stumped… I am trying to set up Radicale with the following docker-compose.yml:
<code>version: '3.7'
services:
  radicale:
    image: tomsquest/docker-radicale:latest
    container_name: radicale
    volumes:
      - /storage/enc/docker/radicale/data:/data
      - /storage/enc/docker/radicale/users:/etc/radicale/users
    ports:
      - "5232:5232"
    env_file:
      - .env
    restart: unless-stopped
volumes:
  data:
</code>
My machine is an Ubuntu server that has a ZFS pool mounted at /storage. Below is a sequence of steps I performed to try and create a ZFS dataset (/storage/enc/docker/radicale) to be used for Radicale volumes. I set myself, paul, as a rwx user, but when Docker created the volumes (subfolders of the ZFS dataset), my permissions got downgraded to r-x… Why is this? I’ve set an ACL on the dataset and told Docker it can create some volumes within it, why is it kicking my user out? Any help would be greatly appreciated, thanks.
<code>paul@paul-lab:/storage/enc/docker$ sudo zfs create storage/enc/docker/radicale
paul@paul-lab:/storage/enc/docker$ sudo setfacl -R -m "u:paul:rwx" /storage/enc/docker/radicale
paul@paul-lab:/storage/enc/docker$ sudo setfacl -d -R -m "u:paul:rwx" /storage/enc/docker/radicale
paul@paul-lab:/storage/enc/docker$ getfacl /storage/enc/docker/radicale
getfacl: Removing leading '/' from absolute path names
# file: storage/enc/docker/radicale
# owner: root
# group: root
user::rwx
user:paul:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:paul:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
paul@paul-lab:/storage/enc/docker$ cd ~/code/paul-lab-docker/radicale/
paul@paul-lab:~/code/paul-lab-docker/radicale$ docker-compose up -d
Creating network "radicale_default" with the default driver
Creating radicale ... done
paul@paul-lab:~/code/paul-lab-docker/radicale$ cd -
/storage/enc/docker
paul@paul-lab:/storage/enc/docker$ getfacl /storage/enc/docker/radicale/users/
getfacl: Removing leading '/' from absolute path names
# file: storage/enc/docker/radicale/users/
# owner: root
# group: root
user::rwx
user:paul:rwx #effective:r-x
group::r-x
mask::r-x
other::r-x
default:user::rwx
default:user:paul:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
paul@paul-lab:/storage/enc/docker$ cd radicale/users/
paul@paul-lab:/storage/enc/docker/radicale/users$ touch tmp.txt
touch: cannot touch 'tmp.txt': Permission denied
</code>
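An added example, not part of the original post: the `#effective:r-x` annotation in the second listing comes from the ACL mask, which caps named-user and group entries. The Python below (function names are illustrative) parses getfacl text and reports which entries the mask reduces, using a sample constructed from that listing.

```python
PERM_BITS = {"r": 4, "w": 2, "x": 1}

# Constructed sample: abridged from the second getfacl listing in the post.
USERS_DIR_ACL = """\
# file: storage/enc/docker/radicale/users/
user::rwx
user:paul:rwx #effective:r-x
group::r-x
mask::r-x
other::r-x
default:user::rwx
default:user:paul:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
"""

def to_bits(perm):
    return sum(v for k, v in PERM_BITS.items() if k in perm)

def to_text(bits):
    return "".join(k if bits & v else "-" for k, v in PERM_BITS.items())

def parse_acl(text, default=False):
    """Return {(tag, qualifier): bits} for the access (or default) entries."""
    entries = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and '#effective'
        fields = line.split(":")
        is_default = fields[0] == "default"
        if is_default:
            fields = fields[1:]
        if is_default != default or len(fields) != 3:
            continue
        tag, qualifier, perm = fields
        entries[(tag, qualifier)] = to_bits(perm)
    return entries

def masked_entries(text, default=False):
    """List (entry, granted, effective) where the mask removes rights."""
    acl = parse_acl(text, default)
    mask = acl.get(("mask", ""), 7)
    report = []
    for (tag, qual), bits in acl.items():
        # The mask caps named users, the owning group and named groups only.
        capped = (tag == "user" and qual) or tag == "group"
        if capped and bits & mask != bits:
            report.append((f"{tag}:{qual}", to_text(bits), to_text(bits & mask)))
    return report
```

Running `masked_entries(USERS_DIR_ACL)` flags only `user:paul`, while the default ACL on the same directory (mask `rwx`) reduces nothing.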