Opened 10 years ago

Closed 9 years ago

#501 closed enhancement (fixed)

Ability to customize file system permissions

Reported by: killyourtv Owned by: zzz
Priority: minor Milestone: 0.8.9
Component: router/general Version: 0.8.7
Keywords: Cc: killyourtv
Parent Tickets: Sensitive: no


It could be useful to allow the configuration of the permissions of files that I2P creates (or perhaps just write the files with user/group rights).

For example, if the router is run under the user "i2psvc", any files created in ~i2psvc are set to mode 600, directories are set to 700. In my case, the files are owned by user i2psvc and group i2psvc…but group i2psvc has no access. If I grant group access (with chmod 660), the permissions are reset to 600 if I2P saves/appends the file.

What I am seeking is a way to set the permissions in ~i2psvc to grant rights to both the user & group so that a member of the i2psvc group to access the files (which would be particularly useful for accessing files downloaded with I2Psnark, for example).

This could also be useful for any users that run I2P under a different user account from their own.


Change History (4)

comment:1 Changed 10 years ago by zzz

You have a proposal for what screen to put this on? Or advanced config only? In the router console, or in each app?

If the real problem is i2psnark, putting it on the i2psnark config page may be the best?

comment:2 Changed 10 years ago by killyourtv

Snark's config and/or the router's advanced config would probably be good.

It could be a boolean value: 770/660 VS 700/600

comment:3 Changed 9 years ago by zzz

Milestone: 0.8.9
Owner: set to zzz
Status: newaccepted

There is an advanced config i2p.insecureFiles=true I forgot about. It disables the permissions changes and therefore uses the default umask. Of course with the wrapper umask bug this isn't so good.

I'm adding a i2psnark setting for 0.8.9, boolean value as described above.

comment:4 Changed 9 years ago by zzz

Resolution: fixed
Status: acceptedclosed

Option added to i2psnark in 0.8.8-18, please test.

With this and the existing i2p.insecureFiles advanced config, that's all I plan to do for now. The Java API to change individual mode bits is nonexistent in Java 5 and quite awkward to use in Java 6. It isn't until 7 that you get really fine-grained control.

Note: See TracTickets for help on using tickets.