permset

command module

v0.0.0-...-b5422a1 Latest Latest Go to latest Published: Jan 29, 2022 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jacobalberty/permset

Links

Open Source Insights

README ¶

permset

Simple Go-based permission setter for containers running as non root users

Usage

When this binary is called with setuid root permissions it will attempt to recursively change ownership of the directory specified at compile time to the user calling the binary. This is intended for docker containers that you want to run as a non root user but may need to ensure their data folder is owned by the user in the container

Example docker file

FROM golang:1.17-bullseye as permset
WORKDIR /src
RUN git clone https://github.com/jacobalberty/permset.git /src && \
    mkdir -p /out && \
    go build -ldflags "-X main.chownDir=/data" -o /out/permset

FROM debian:bullseye
COPY --from=permset /out/permset /usr/local/bin/permset
RUN chown 0.0 /usr/local/bin/permset && \
    chmod +s /usr/local/bin/permset  && \
    mkdir /data

USER nobody

if you build then run this container then /data will initially be owned by root. If you then call /usr/local/data/permset inside the container then /data will be owned by nobody

Security

chownDir MUST be an absolute path, not a relative one and any symbolic links in the path will be ignored.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL