private-keys-v1.d and preserve-permissions
Jerry
jerry at seibercom.net
Thu Sep 10 11:40:36 CEST 2020
On Thu, 10 Sep 2020 11:13:34 +0200, Martin Pätzold stated:
> >> Yes, we have some period tasks that are handled by Celery. Celery
> >> has its own user on the system and this user needs at least read
> >> access to the keys, therefore we had to extend the permissions for
> >> the "private-keys-v1.d" directory to group access.
> >
> > Long shot: does your system support ACLs?
>
>Using ACL would be possible, but we are reluctant to do so, since it
>adds a second permissions layer that is only visible if you actively
>look for it.
Perhaps I am not understanding this correctly, but wouldn't that be a
good thing?
--
Jerry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200910/d7db725a/attachment.sig>
More information about the Gnupg-users
mailing list