sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-08 16:49:02 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

[GH-ISSUE #519] Write permissions will be overwritten by anonymous read-only permissions #299

New Issue
Closed
opened 2026-04-08 16:51:50 +03:00 by zhus · 2 comments
zhus commented 2026-04-08 16:51:50 +03:00
Owner
Copy Link

Originally created by @VergilGao on GitHub (Dec 31, 2024).
Original GitHub issue: https://github.com/sigoden/dufs/issues/519

If I configure both -a "@/path1, /path2" and -a "admin:123456@/:rw" at the same time, then admin's access rights to files in the /path1 directory will become readonly.
I can use -a "admin:123456@/:rw, /path1:rw, path2:rw" to fix this.

Originally created by @VergilGao on GitHub (Dec 31, 2024). Original GitHub issue: https://github.com/sigoden/dufs/issues/519 If I configure both `-a "@/path1, /path2"` and `-a "admin:123456@/:rw"` at the same time, then admin's access rights to files in the `/path1` directory will become readonly. I can use `-a "admin:123456@/:rw, /path1:rw, path2:rw"` to fix this.
zhus closed this issue 2026-04-08 16:51:50 +03:00
zhus commented 2026-04-08 16:51:50 +03:00
Author
Owner
Copy Link

@sigoden commented on GitHub (Jan 2, 2025):

Why did this happen?

The anonymous auth paths will be merged with user auth paths.
-a admin:123456@/:rw -a @/path1,/path2 will expand to -a admin:123456@/:rw,/path1,/path2 -a @/path1,/path2

Since dufs supports auth precedule (#325), so the perm of /path1,/path2 is read-only.

How to improve

After you reported this issue, we noticed that this is not a good design. We can download /path1, make some change, then re-upload /path1 to bypass this limitation.

So we need to make adjustments: A parent path with higher permissions can shadow a child path with lower permissions.

/:rw,/path1 will expand to /:rw, but /,/path1:rw will remain unchanged.

<!-- gh-comment-id:2567204564 --> @sigoden commented on GitHub (Jan 2, 2025): ### Why did this happen? The anonymous auth paths will be merged with user auth paths. `-a admin:123456@/:rw -a @/path1,/path2` will expand to `-a admin:123456@/:rw,/path1,/path2 -a @/path1,/path2` Since dufs supports auth precedule (#325), so the perm of `/path1,/path2` is read-only. ### How to improve After you reported this issue, we noticed that this is not a good design. We can download `/path1`, make some change, then re-upload `/path1` to bypass this limitation. So we need to make adjustments: A parent path with higher permissions can shadow a child path with lower permissions. `/:rw,/path1` will expand to `/:rw`, but `/,/path1:rw` will remain unchanged.
zhus commented 2026-04-08 16:51:50 +03:00
Author
Owner
Copy Link

@yuf19-2022 commented on GitHub (Dec 27, 2025):

I think the improve is not good.you mentioned "the anonymous auth paths will be merged with user auth paths.",in fact,the problem is how to deal with the conflict when the user auth paths contains anonymous auth paths

<!-- gh-comment-id:3693899338 --> @yuf19-2022 commented on GitHub (Dec 27, 2025): I think the improve is not good.you mentioned "the anonymous auth paths will be merged with user auth paths.",in fact,the problem is how to deal with the conflict when the user auth paths contains anonymous auth paths
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
zhus
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sigoden/dufs#299
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?