Merge pull request #36386 from sjenning/fix-secret-file-mode

Automatic merge from submit-queue Avoid setting S_ISGID on files in volumes Some applications are having issues with setting the S_ISGID bit on files in volumes. We intend to do this for directories so that the group ID is inherited, but not files for which S_ISGID indicates madatory file locking https://linux.die.net/man/2/stat xref https://bugzilla.redhat.com/show_bug.cgi?id=1387306 @ncdc @derekwaynecarr @pmorie
2025-07-22 11:21:47 +00:00 · 2016-11-10 01:19:02 -08:00 · 2016-11-10 01:19:02 -08:00 · 193e2ae1d1
commit 193e2ae1d1
parent 6b9ce1b4c1 67f3134232
1 changed files with 5 additions and 1 deletions
--- a/pkg/volume/volume_linux.go
+++ b/pkg/volume/volume_linux.go
@ -71,7 +71,11 @@ func SetVolumeOwnership(mounter Mounter, fsGroup *int64) error {
 			mask = roMask
 		}

-		err = chmodRunner.Chmod(path, info.Mode()|mask|os.ModeSetgid)
+		if info.IsDir() {
+			mask |= os.ModeSetgid
+		}
+
+		err = chmodRunner.Chmod(path, info.Mode()|mask)
 		if err != nil {
 			glog.Errorf("Chmod failed on %v: %v", path, err)
 		}