Author

Topic: How to set datadir mode 750 and files 640 without sysperms (Read 230 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
It's more complex than i thought, i only could think
1. Change file/directory ownership to another user
2. Set chmod for all file/directory manually
3. Run Bitcoin from different users (but both have same group) where chmod or chown permission is disabled.

I'm not sure it could work though
member
Activity: 93
Merit: 28
"Don't steal! Your governments hate competition!"
I never see any documentation mention sysperms, so i only could suggest you run Bitcoin Core from user where chmod is disabled or not allowed & set chmod for file/directory manually.
Thank you. That's right about group permissions need, as in the OP link.

Disabling chmod is a good idea, but with sysperms=0 (default) bitcoind will create all new files mode 600, including the auth cookie and new blockchain data.
Possible to mitigate with scripts, but messy and error prone, and could still cause problems for other apps that need real-time new blocks data, such as Armory for example.
Actually, disabling chmod for bitcoin user looks complicated to do, unless one makes root the datadir owner, and bitcoind then runs as root, which would not solve the group permissions problem and make security implications worse.  Huh
member
Activity: 93
Merit: 28
"Don't steal! Your governments hate competition!"
I never see any documentation mention sysperms, so i only could suggest you run Bitcoin Core from user where chmod is disabled or not allowed & set chmod for file/directory manually.

I think his project needs group permission (where as bitcoind only give permission to user)
Thank you. That's right about group permissions need, as in the OP link.

The mention of sysperms is right in Running Bitcoin wiki

Disabling chmod is a good idea, but with sysperms=0 (default) bitcoind will create all new files mode 600, including the auth cookie and new blockchain data.
Possible to mitigate with scripts, but messy and error prone, and could still cause problems for other apps that need real-time new blocks data, such as Armory for example.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
You've not given us enough information.

Presumably you're trying to do something with file permissions on the file system?

What operating system are you running and why are the files made with a file permission that the daemon can't access? 700 i know as rwx------, why is it doing this - surely if it can make something with that permission then it already has enough permissions to edit and read the data?
member
Activity: 93
Merit: 28
"Don't steal! Your governments hate competition!"
If we don't use sysperms=1, bitcoind sets datadir mode to 700 (rwx------) and files to 600 (rw-------) including auth cookie.

Does anyone have good bitcoind configuration to set datadir 750 (rwxr-x---) and files 640 (rw-r-----), with sysperms=0 (default) ?

We are trying to figure out this: https://github.com/JoinMarket-Org/joinmarket-clientserver/issues/361
Jump to: