Insync Headless - Default File Permissions

Bugs and issues Linux
#1

Hello,

We are using insync-headless on a virtualized Ubuntu server, which in turn serves NFS shares to the LAN for access to specific files and folders. Everything appears to be working great except for the default permissions, and so far I am unable to figure out how to get this to work. I need insync-headless to create files with the owner nobody:nogroup and 666 permissions for the shares to work as intended.

I tried setting the insync-headless user and group to nobody:nogroup, as well as trying to use the Set-User-ID and Set-Group-ID bits, nothing seems to work so far in my tests.

$ ls -l /usr/bin | grep insync -rwxr-xr-x 1 root root 69 Aug 14 03:10 insync-headless $ ls -l /usr/bin | grep insync -rwxr-sr-x 1 nobody nogroup 69 Aug 14 03:10 insync-headless $ ls -l /usr/bin | grep insync -rwsr-sr-x 1 nobody nogroup 69 Aug 14 03:10 insync-headless
The insync directory itself has the correct permissions as well, and I tried with and without the Set-ID bits described above:

$ ls -l /media/DataAdmin/
drwsrwsrwx 4 nobody          nogroup          4096 Sep 14 11:15 insync

The behavior did change a little bit though, the before and after is below, to test we uploaded the files to Google Drive then checked the resulting permissions in the Insync folder.

$ ls -l /media/DataAdmin/insync/DataAdmin/technicians/ -rw-r--r-- 1 dataadmin_local dataadmin_local 6 Sep 21 2015 permissions 1 -rw-r--r-- 1 dataadmin_local dataadmin_local 6 Sep 21 2015 permissions 2 -rw-r--r-- 1 dataadmin_local dataadmin_local 6 Sep 21 2015 permissions 3

$ ls -l /media/DataAdmin/insync/DataAdmin/technicians/ -rw-rw-r-- 1 dataadmin_local nogroup 6 Sep 21 2015 permissions 1 -rw-rw-r-- 1 dataadmin_local nogroup 6 Sep 21 2015 permissions 2 -rw-rw-r-- 1 dataadmin_local nogroup 6 Sep 21 2015 permissions 3
I am sure I am missing something simple here, any help would greatly be appreciated!

Best Regards,
Jason
DataAdmin

#2

@DataAdmin The Insync process uses the umask and uid/gid of the process that ran it to create files. For the umask please try setting the umask to 0000.

I’m not sure how to set the user to nobody; Insync stores its config files on the ~/.config folder of the user that ran it. Since nobody doesn’t have a home folder, Insync might not run if you try to run it as the nobody user.

Setting the group to nogroup could work if you set the set-group-id bit on the Insync folder /media/DataAdmin/insync which is probably what happened in your case.

#3

Posting this here because its the only resource on the Internet I could find talking about this topic.

Because insync-headless uses per-user cron @reboot to run, the only way I found to manipulate the process umask without altering the system defaults globally, is to edit the per-user cron @reboot line.

First, login as the user that insync-headless is running as and then edit user’s crontab:

sudo su -l [username]
crontab -e

# or without logging in as the user:
crontab -e -u [username]

Add the " umask 007 && " to the cron @reboot line:

# original line
@reboot insync-headless start >/dev/null 2>&1

# edited line
@reboot umask 007 && insync-headless start >/dev/null 2>&1

Obviously, you need to set the umask dependent to your needs. Then reboot and watch the magic happen. Files and directories are now getting created with my preferred 660 and 2770 permissions. :+1:

1 Like
#4

Thank you for the assist, @Bluecrow76 :heart: