Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Permissions trouble

Edited
Михаил Суворов
Михаил Суворов Nov 01, 2018

Hello. We are using Bamboo in docker container (created by our team Dockerfile and docker-compose.yaml) and every time upgrade version wasn't create a trouble, but at that time. We upgrade Bamboo from 6.6.3 to 6.7.1 and now when task "source code checkout" started, it broke file permissions: owner and group don't change, but permissions for other is fully lost (i.e. rwxr-xr-x -> rwxr-x---). What happens? What should I do?

drwxr-x---  9 root root 4096 Nov  1 15:46 ./

drwxr-xr-x 60 root root 4096 Nov  1 15:46 ../

drwxr-x---  8 root root 4096 Nov  1 15:46 .git/

-rw-r-----  1 root root  134 Nov  1 15:46 .gitignore

-rw-r-----  1 root root  154 Nov  1 15:46 Dockerfile

drwxr-x--- 12 root root 4096 Nov  1 15:46 app/

Answer
Watch
Like # people like this
2928 views

2 answers

1 accepted

7 votes
Answer accepted
Chris Berry
Chris Berry
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Nov 07, 2018

Hi Михаил,

 

Bamboo 6.7.1 ships with a new version of Tomcat. The <Bamboo-install>/bin/catalina.sh script now sets the default umask to 027. This will mean that any file created by the Bamboo JVM and any of its child processes will apply that umask and strip the other permissions.

The workaround would be to set the UMASK=022 environment variable before starting Bamboo.

We will confirm with the developers and workout a longer term solution and/or document this behaviour change.

Although, having a umask of 027 if better from a security perspective, it is a change in behaviour.

thanks

Chris

View More Comments
Михаил Суворов
Михаил Суворов Nov 07, 2018 • edited

Wow, fantastic! I was look up at many paths, but nowhere had seen umask=027. Thank you!

In my case, Bamboo run in container from 'root' and in some jobs it's create artifacts for non-root user, so I must have umask 022 instead 027.

Like
Joris van Eijden
Joris van Eijden Nov 23, 2018

Having this in the release notes somewhere would have saved me a lot of time.

Took me half a day to find this. Super happy it's fixed now though :)

Like
Cory Galloway
Cory Galloway May 14, 2019

Yes, can someone point me to the Release Notes with this change?  It caused some of our deploys to fail as the user deploying no longer had read on the checked-out repo.

Like Chris Bellar likes this
Reply
0 votes
Chris Berry
Chris Berry
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Nov 01, 2018

Hi Михаил

Has there been any changes to the agent system that runs this job?

Docker will inherit the system umask setting. If the system umask is set to 07

then you will see the behaviour you describe.

thanks

Chris

Atlassian support-Bamboo

View More Comments
Михаил Суворов
Михаил Суворов Nov 02, 2018

Properties of agents are not changes. I just create new docker image with 6.7.1 instead 6.6.3 and run it. Without change any settings of Bamboo.

Nowhere in profile and other files has umask settings. I downgrade to 6.6.3 and it's work fine. Home directory (/home/bamboo) is mounting into container, but in 6.7.1 Bamboo had trouble with permissions. What else may be wrong?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

See all events