private-keys-v1.d and preserve-permissions
martin.paetzold at rheinwerk-verlag.de
Thu Sep 10 11:13:34 CEST 2020
>> Yes, we have some period tasks that are handled by Celery. Celery has
>> its own user on the system and this user needs at least read access to
>> the keys, therefore we had to extend the permissions for the
>> "private-keys-v1.d" directory to group access.
> Long shot: does your system support ACLs?
Using ACL would be possible, but we are reluctant to do so, since it
adds a second permissions layer that is only visible if you actively
look for it.
More information about the Gnupg-users