On Mon January 16 2012, Tim Watts wrote:
Hi,
Might be a dumbo question, but I cannot see the answer in man mount.aufs
or google...
If I have 2 branches, br1 (RW) and br2(RO) layers with aufs, it seems
that users cannot write to parts of the merged tree where they do not
have write permissions on br2
Now, this makes complete sense.
But can it be overridden?
Reason:
I have a pristine tree on my digital photos that my web served, can read
but not write too (good). This will be the br2(RO) branch.
I have been trying to layer a web-server writeable FS on top to present
a union view. This is br1(RW) and the web server can write to this.
It turns out in practise that the webserver can create files or
directories in the root directory of the AUFS mount point, but cannot do
so if the new path intersects with a path on br2.
The idea is to let some photo gallery webapp loose on my photos without
it actually being able to affect the pristine branch br2.
A typical operation is to create a thumbs/ directory in the existing
tree structure, or to replace a particular photo file with a rotated one.
Any thoughts?
The easy answer:
Change the file permissions of the files in the (RO) branch.
At least enough so that the user or group name the webserver is running
on has sufficient permissions to delete.
This change needs to apply to the directory permissions also.
Depend on the layer (RO) attribute to protect them from actual change/deletion.
Mike
Cheers,
Tim
--
RSA(R) Conference 2012
Mar 27 - Feb 2
Save $400 by Jan. 27
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev2