boxboat/fixuid

Allow Specifying Paths to Search

caleblloyd opened this issue · 0 comments

Right now, fixuid starts at the root of the filesystem / and walks the directory tree. It does not recurse into mounts on other devices to avoid recursing into a host-mounted filesystem. There are 2 issues with this approach:

  1. Searching every file/folder on the root filesystem can take a while, especially if there are a lot of files. Usually this isn't that big of an issue because we are dealing with Docker containers, which generally have minimal filesystems to start. Users should still be able to specify just the paths that they want searched to speed things up and avoid unnecessary recursion.

  2. Sometimes users want fixuid to run on mounts on different devices. For example, a Docker Volume at /home/docker/.cache will show up as a mount on a different device from the root filesystem, but a user may still want fixuid to run there.

The solution I am proposing is allowing the user to specify paths to search. This will be added through a new key in the /etc/fixuid/config.yml file called paths, which will be an array of strings.

user: docker
group: docker
paths:
  - /home/docker
  - /home/docker/.cache

If the paths key is not defined, it will default to the same behavior as today:

paths:
  - /

Volumes mounted on different devices that fixuid should run on should always be listed in the paths key, for example:

paths:
  - /
  - /home/docker/.cache
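
The traversal rule proposed in this issue, sketched as an added example; it is not fixuid's code and not part of the original post. `collect`, `statDev` and the injectable `devOf` parameter are hypothetical names, and the sketch only lists the entries an ownership fix would visit instead of changing them.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"syscall"
)

// statDev returns the device ID of path without following symlinks (Unix).
func statDev(path string) (uint64, error) {
	var st syscall.Stat_t
	err := syscall.Lstat(path, &st)
	return uint64(st.Dev), err
}

// collect lists what an ownership fix would visit. A directory on another device
// than the root being walked is skipped unless it is itself listed in paths.
func collect(paths []string, devOf func(string) (uint64, error)) ([]string, error) {
	if len(paths) == 0 {
		paths = []string{"/"} // default proposed in the issue
	}
	var out []string
	for _, root := range paths {
		rootDev, err := devOf(root)
		if err != nil {
			return nil, err
		}
		if err := filepath.WalkDir(root, func(p string, d fs.DirEntry, werr error) error {
			if werr != nil {
				return werr
			}
			if d.IsDir() {
				if dev, err := devOf(p); err != nil || dev != rootDev {
					return filepath.SkipDir // unreadable or on another device
				}
			}
			out = append(out, p)
			return nil
		}); err != nil {
			return nil, err
		}
	}
	return out, nil
}

func main() {
	fmt.Println(collect(os.Args[1:], statDev))
}
```

Because each root is compared against its own device, a host-mounted filesystem nested under a listed path is still left alone unless the mount point is listed explicitly.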