0
Under review

[Bug] Docker extra volume mappings lead to empty folder in FileRun UI, not empty in container

Rudhra 2 weeks ago updated 2 weeks ago 4

FileRun worked fine when I mounted 1 volume:

volumes:
- $USERDIR/docker/filerun/html:/var/www/html
- /mnt/pool/Users:/user-files:rw


But when I follow the solution in the first post of this topic to add other folders to 2 users:


    volumes:
- $USERDIR/docker/filerun/html:/var/www/html
- /mnt/pool/Users:/user-files:rw
- /mnt/pool/Users/Local/Asterix:/user-files/Local/userAAA/Asterix:rw
- /mnt/pool/Users/Local/Asterix:/user-files/Local/userBBB/Asterix:rw
- /mnt/pool/Collections:/user-files/Local/userAAA/Collections:rw
- /mnt/pool/Collections:/user-files/Local/userBBB/Collections:rw


Those folders userAAA and userBBB appear empty in FileRun web when I check with Superuser account.

When I check if the path is correct via FileRun web > Settings > UserAAA > Permissions, it says "valid path".

The folder /user-files/Local/Asterix does contain files.


When I check via a console in the FileRun container, the whole /user-files folder is missing.


What is happening here? This is a bit spooky.

Just fyi I also tried removing all Filerun (and related) containers, images, persistent volumes and emptied the folder $USERDIR/docker/filerun and ran docker-compose up again with all of the volume mappings mentioned above: same issue.

Under review

This is not a FileRun bug. You need to check the permissions of the "/mnt/pool/Users/Local/Asterix" folder and compare it with "/mnt/pool/Users" (assuming that this folder is accessible by FileRun)

OK I am halfway now, after fixing permissions I can see everything correctly in FileRun, but:


I do not want userAAA or any other user to be able to delete the folders (ie Asterix) that are mapped in their userfolders (userAAA).


What I have done now: 

775 and root:www-data (owner is root, but group is www-data, www-data user is in group www-data, not root) for:

/mnt/pool

/mnt/pool/Users/

/mnt/pool/Users/.... (Asterix, userAAA, userBBB)


This way folders like Asterix can be accessed by www-data but not deleted.
Everything one level deeper, inside folders Asterix, userAAA is www-data:www-data and 777.

On the Ubuntu machine itself, www-data can now do everything within /userAAA. 


Unfortunately, FileRun userAAA with folder /userAAA assigned to it can NOT edit/create any files in its folder/subfolder.

I want him to be able to do everything in his folder, just not to the mapped /userAAA/Asterix folder.

Is this possible with FileRun?

I think my previous comment is a bit unclear. Users should have edit/delete rights in their own UserAAA, UserBBB etc folders. Just no edit/delete right for the Asterix and Collections folder itself. They should have edit/delete rights for the contents of those folders. 

I just do not want users to be able to delete the folders that I am 'mapping in' their folders, while keeping full rights on the contents of those folders. 

Not sure if this is possible, I have been playing with permissions for 2 hours now..