dynamic host volumes: apply requested perms#27068
Merged
pkazmierczak merged 2 commits intohashicorp:mainfrom Nov 12, 2025
Merged
dynamic host volumes: apply requested perms#27068pkazmierczak merged 2 commits intohashicorp:mainfrom
pkazmierczak merged 2 commits intohashicorp:mainfrom
Conversation
The `mkdir` dynamic host volume plugin uses the `os.MkdirAll()` function to create the host volume directory, but the permissions passed are affected by the user's `umask`, which can result in unexpected directory permissions. For example, with the common default `umask` of `022`, creating a dynamic host volume with `perms = "0777"` results in a directory with permissions set to `0755`.
github-project-automation
Bot
moved this to Needs Triage
in Nomad - Community Issues Triage
pkazmierczak
approved these changes
Nov 11, 2025
Contributor
pkazmierczak
left a comment
pkazmierczak
left a comment
There was a problem hiding this comment.
LGTM! Thanks for the contribution, Luiz!
pkazmierczak
moved this from Needs Triage
to In Progress
in Nomad - Community Issues Triage
pkazmierczak
added
backport/ent/1.8.x+ent
github-project-automation
Bot
moved this from In Progress
to Done
in Nomad - Community Issues Triage
7 tasks
pkazmierczak
pushed a commit
that referenced
this pull request
Nov 12, 2025
The `mkdir` dynamic host volume plugin uses the `os.MkdirAll()` function to create the host volume directory, but the permissions passed are affected by the user's `umask`, which can result in unexpected directory permissions. For example, with the common default `umask` of `022`, creating a dynamic host volume with `perms = "0777"` results in a directory with permissions set to `0755`.
pkazmierczak
pushed a commit
that referenced
this pull request
Nov 12, 2025
…1.11.x (#27087) * no-op commit due to failed cherry-picking * dynamic host volumes: apply requested perms (#27068) The `mkdir` dynamic host volume plugin uses the `os.MkdirAll()` function to create the host volume directory, but the permissions passed are affected by the user's `umask`, which can result in unexpected directory permissions. For example, with the common default `umask` of `022`, creating a dynamic host volume with `perms = "0777"` results in a directory with permissions set to `0755`. --------- Co-authored-by: temp <temp@hashicorp.com> Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
|
I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
The
mkdirdynamic host volume plugin uses theos.MkdirAll()function to create the host volume directory, but the permissions passed are affected by the user'sumask, which can result in unexpected directory permissions.For example, with the common default
umaskof022, creating a dynamic host volume withmode = "0777"results in a directory with permissions set to0755.Testing & Reproduction steps
umaskis not000.mkdirplugin withmode = "0777".0777.Links
https://pkg.go.dev/os#MkdirAll
Closes #26190
Contributor Checklist
changelog entry using the
make clcommand.ensure regressions will be caught.
and job configuration, please update the Nomad website documentation to reflect this. Refer to
the website README for docs guidelines. Please also consider whether the
change requires notes within the upgrade guide.
Reviewer Checklist
backporting document.
in the majority of situations. The main exceptions are long-lived feature branches or merges where
history should be preserved.
within the public repository.
Changes to Security Controls
Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.