diff --git a/DockerEnv b/DockerEnv index 19d7f937c..8e5e7d0bb 100644 --- a/DockerEnv +++ b/DockerEnv @@ -8,6 +8,7 @@ #ENABLE_UFW=false #UFW_ALLOW_GW_NET=false #UFW_EXTRA_PORTS= +#GLOBAL_APPLY_PERMISSIONS=true #TRANSMISSION_ALT_SPEED_DOWN=50 #TRANSMISSION_ALT_SPEED_ENABLED=false #TRANSMISSION_ALT_SPEED_TIME_BEGIN=540 diff --git a/Dockerfile b/Dockerfile index 0d147ee8e..f794d4323 100644 --- a/Dockerfile +++ b/Dockerfile @@ -39,6 +39,7 @@ ADD tinyproxy /opt/tinyproxy/ ENV OPENVPN_USERNAME=**None** \ OPENVPN_PASSWORD=**None** \ OPENVPN_PROVIDER=**None** \ + GLOBAL_APPLY_PERMISSIONS=true \ TRANSMISSION_ALT_SPEED_DOWN=50 \ TRANSMISSION_ALT_SPEED_ENABLED=false \ TRANSMISSION_ALT_SPEED_TIME_BEGIN=540 \ diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 38b85df09..6db80ad01 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -29,6 +29,7 @@ ADD transmission/ /etc/transmission/ ENV OPENVPN_USERNAME=**None** \ OPENVPN_PASSWORD=**None** \ OPENVPN_PROVIDER=**None** \ + GLOBAL_APPLY_PERMISSIONS=true \ TRANSMISSION_ALT_SPEED_DOWN=50 \ TRANSMISSION_ALT_SPEED_ENABLED=false \ TRANSMISSION_ALT_SPEED_TIME_BEGIN=540 \ diff --git a/Dockerfile.armhf b/Dockerfile.armhf index 9555adabb..a3b731e08 100644 --- a/Dockerfile.armhf +++ b/Dockerfile.armhf @@ -32,6 +32,7 @@ ADD tinyproxy /opt/tinyproxy/ ENV OPENVPN_USERNAME=**None** \ OPENVPN_PASSWORD=**None** \ OPENVPN_PROVIDER=**None** \ + GLOBAL_APPLY_PERMISSIONS=true \ TRANSMISSION_ALT_SPEED_DOWN=50 \ TRANSMISSION_ALT_SPEED_ENABLED=false \ TRANSMISSION_ALT_SPEED_TIME_BEGIN=540 \ diff --git a/README.md b/README.md index e4eea0904..e21574ccf 100644 --- a/README.md +++ b/README.md @@ -153,6 +153,13 @@ If TRANSMISSION_PEER_PORT_RANDOM_ON_START is enabled then it allows traffic to t |`UFW_ALLOW_GW_NET` | Allows the gateway network through the firewall. Off defaults to only allowing the gateway. | `UFW_ALLOW_GW_NET=true`| |`UFW_EXTRA_PORTS` | Allows the comma separated list of ports through the firewall. Respects UFW_ALLOW_GW_NET. | `UFW_EXTRA_PORTS=9910,23561,443`| +### Permission configuration options +By default the startup script applies a default set of permissions and ownership on the transmission download, watch and incomplete directories. The GLOBAL_APPLY_PERMISSIONS directive can be used to disable this functionality. + +| Variable | Function | Example | +|----------|----------|-------| +|`GLOBAL_APPLY_PERMISSIONS` | Disable setting of default permissions | `GLOBAL_APPLY_PERMISSIONS=false`| + ### Alternative web UIs You can override the default web UI by setting the ```TRANSMISSION_WEB_HOME``` environment variable. If set, Transmission will look there for the Web Interface files, such as the javascript, html, and graphics files. diff --git a/transmission/userSetup.sh b/transmission/userSetup.sh index aca053eca..210a2361e 100644 --- a/transmission/userSetup.sh +++ b/transmission/userSetup.sh @@ -16,21 +16,29 @@ if [ -n "$PUID" ] && [ ! "$(id -u root)" -eq "$PUID" ]; then ${TRANSMISSION_INCOMPLETE_DIR} \ ${TRANSMISSION_WATCH_DIR} - echo "Setting owner for transmission paths to ${PUID}:${PGID}" + echo "Enforcing ownership on transmission config directories" chown -R ${RUN_AS}:${RUN_AS} \ /config \ - ${TRANSMISSION_HOME} \ - ${TRANSMISSION_DOWNLOAD_DIR} \ - ${TRANSMISSION_INCOMPLETE_DIR} \ - ${TRANSMISSION_WATCH_DIR} - - echo "Setting permission for files (644) and directories (755)" + ${TRANSMISSION_HOME} + + echo "Applying permissions to transmission config directories" chmod -R go=rX,u=rwX \ /config \ - ${TRANSMISSION_HOME} \ - ${TRANSMISSION_DOWNLOAD_DIR} \ - ${TRANSMISSION_INCOMPLETE_DIR} \ - ${TRANSMISSION_WATCH_DIR} + ${TRANSMISSION_HOME} + + if [ "$GLOBAL_APPLY_PERMISSIONS" = true ] ; then + echo "Setting owner for transmission paths to ${PUID}:${PGID}" + chown -R ${RUN_AS}:${RUN_AS} \ + ${TRANSMISSION_DOWNLOAD_DIR} \ + ${TRANSMISSION_INCOMPLETE_DIR} \ + ${TRANSMISSION_WATCH_DIR} + + echo "Setting permission for files (644) and directories (755)" + chmod -R go=rX,u=rwX \ + ${TRANSMISSION_DOWNLOAD_DIR} \ + ${TRANSMISSION_INCOMPLETE_DIR} \ + ${TRANSMISSION_WATCH_DIR} + fi fi echo "