private-keys-v1.d and preserve-permissions
jerry at seibercom.net
Thu Sep 10 11:40:36 CEST 2020
On Thu, 10 Sep 2020 11:13:34 +0200, Martin Pätzold stated:
> >> Yes, we have some period tasks that are handled by Celery. Celery
> >> has its own user on the system and this user needs at least read
> >> access to the keys, therefore we had to extend the permissions for
> >> the "private-keys-v1.d" directory to group access.
> > Long shot: does your system support ACLs?
>Using ACL would be possible, but we are reluctant to do so, since it
>adds a second permissions layer that is only visible if you actively
>look for it.
Perhaps I am not understanding this correctly, but wouldn't that be a
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users