On Mon January 16 2012, Tim Watts wrote: > Hi, > > Might be a dumbo question, but I cannot see the answer in man mount.aufs > or google... > > If I have 2 branches, br1 (RW) and br2(RO) layers with aufs, it seems > that users cannot write to parts of the merged tree where they do not > have write permissions on br2 > > Now, this makes complete sense. > > But can it be overridden? > > Reason: > > I have a pristine tree on my digital photos that my web served, can read > but not write too (good). This will be the br2(RO) branch. > > I have been trying to layer a web-server writeable FS on top to present > a union view. This is br1(RW) and the web server can write to this. > > It turns out in practise that the webserver can create files or > directories in the root directory of the AUFS mount point, but cannot do > so if the new path intersects with a path on br2. > > The idea is to let some photo gallery webapp loose on my photos without > it actually being able to affect the pristine branch br2. > > A typical operation is to create a thumbs/ directory in the existing > tree structure, or to replace a particular photo file with a rotated one. > > Any thoughts? >
The easy answer: Change the file permissions of the files in the (RO) branch. At least enough so that the user or group name the webserver is running on has sufficient permissions to delete. This change needs to apply to the directory permissions also. Depend on the layer (RO) attribute to protect them from actual change/deletion. Mike > Cheers, > > Tim > ------------------------------------------------------------------------------ RSA(R) Conference 2012 Mar 27 - Feb 2 Save $400 by Jan. 27 Register now! http://p.sf.net/sfu/rsa-sfdev2dev2
