New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposal: Allow execute on shared folders (mount w/out noexec) #290

Open
y2k4life opened this Issue Feb 5, 2019 · 0 comments

Comments

2 participants
@y2k4life
Copy link

y2k4life commented Feb 5, 2019

I did not know I had an issue with executing on a docker container using a shared folder. The reason I believed I could execute is because when changing the ACL for a share the options are read/write/execute. Interesting enough when you add a share the GUI only shows read/write. If you change the privileges you don't see execute. To further the confusion after adding a share and looking the ACL, execute is set and it is an option in the drop downs.

Part of this is due to my (mis)understanding of execute bit at the file/folder level and what execute or noexec means on the mount point.

Some of these suggestion might be off, but I think the point I'm getting at can be understood. Again I don't understand the overlap between noexec and the execute bit and why you have noexec and yet the bit turned on. @ryecoaaron explained a little bit, I will do more research.

Here are some suggestions

  1. The ability to set/remove the noexec in the GUI. Maybe in advance settings. Instead of hacking config file, environment variables and fstab.
  2. If this is a security concern than express there is a concern with security when turning it off.
  3. Add some consistency to the sharing parts of the GUI. Some actions show execute as an option while others don't.
  4. If noexec is set then don't show execute on ACL. Otherwise add execute to the drop down options and to the grids.

I know with data you don't need to execute, but I think by expanding OMV to have docker, the growth and acceptance of docker the doors are opening to more possibilities for OMV beyond just data. When I first set out on my NAS journey I thought all I was going to have was storage. Now I have a development server, awesome! I can bring the cloud into my development shop! Next it will be multiple OMVs and Kubernetes!

Before I could do anything though I had to spend two hours figuring out why I see execute turned on in the ACL, but I can't execute.

@votdev votdev added feature 5.x labels Feb 6, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment