diff options
| -rw-r--r-- | README-Docker.md | 3 | ||||
| -rwxr-xr-x | script/docker-entrypoint.sh | 4 |
2 files changed, 6 insertions, 1 deletions
diff --git a/README-Docker.md b/README-Docker.md index 27acf53aa..02b0dc5d7 100644 --- a/README-Docker.md +++ b/README-Docker.md @@ -15,6 +15,9 @@ To grant Syncthing additional capabilities without running as root, use the `PCAP` environment variable with the same syntax as that for `setcap(8)`. For example, `PCAP=cap_chown,cap_fowner+ep`. +To set a different umask value, use the `UMASK` environment variable. For +example `UMASK=002`. + ## Example Usage **Docker cli** diff --git a/script/docker-entrypoint.sh b/script/docker-entrypoint.sh index af87ef80b..26a0c12c5 100755 --- a/script/docker-entrypoint.sh +++ b/script/docker-entrypoint.sh @@ -2,9 +2,11 @@ set -eu +[ -n "${UMASK:-}" ] && umask "$UMASK" + if [ "$(id -u)" = '0' ]; then binary="$1" - if [ "${PCAP:-}" == "" ] ; then + if [ -z "${PCAP:-}" ]; then # If Syncthing should have no extra capabilities, make sure to remove them # from the binary. This will fail with an error if there are no # capabilities to remove, hence the || true etc. |