private-keys-v1.d and preserve-permissions

Martin Pätzold martin.paetzold at
Thu Sep 10 11:13:34 CEST 2020

 >> Yes, we have some period tasks that are handled by Celery. Celery has
 >> its own user on the system and this user needs at least read access to
 >> the keys, therefore we had to extend the permissions for the
 >> "private-keys-v1.d" directory to group access.
 > Long shot: does your system support ACLs?

Using ACL would be possible, but we are reluctant to do so, since it 
adds a second permissions layer that is only visible if you actively 
look for it.


More information about the Gnupg-users mailing list