Unix & Linux Asked by icaine on December 31, 2021
I have a lot of production data and copying it for dev purposes would be unreal. I was thinking that OverlayFS could be a solution until a problem with permissions arised.
Let’s assume i have following folder structure:
/data/prod – production data (files+subfolders) owned by prod:prod having 664/data/prod-overlay/dev1/{overlay,upper,lower} – data for developers (user dev1:dev1 in this case)Dev users can read prod data but not modify.
Is it possible to make files in /data/overlayfs/developer1/overlay writable even when permissions of original files do not allow it? Or is there any other (simple) way to achieve such behaviour while keeping prod data read-only for dev users?
For example:
There is a file /data/prod/subfolder/file (prod:prod, 664) and user dev1 wants to remove or change /data/prod-overlay/dev1/overlay/subfolder/file.
Note: dev1 can remove file /data/prod-overlay/dev1/overlay/file (with rm -f) probably because he is the owner of the overlay folder.
Finally found the answer for my question. ?
The solution is to use overlayfs in combination with bindfs that allows mount one folder as another folder with different perms/owner/etc.
# sudo bindfs --map=origOwner/newOwner:@origGroup/@newGroup /srcFolder /dstMountpoint
mkdir /data/prod-overlay/dev1/prod # mountpoint
sudo bindfs --map=prod/dev1:@prod/@dev1 /data/prod-overlay/dev1/overlay /data/prod-overlay/dev1/prod
Answered by icaine on December 31, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP