guard against unintended access if user-db is corrupted

2025-08-17 09:02:15 -06:00 · 2023-12-24 16:12:18 +01:00 · 2023-12-24 16:12:18 +01:00 · 39554b4bc3
parent 97d9c149f1
commit 39554b4bc3
1 changed files with 16 additions and 4 deletions
--- a/docs/examples/docker/idp/copyparty.conf
+++ b/docs/examples/docker/idp/copyparty.conf
@ -34,15 +34,15 @@
    rwmda: %su  # the group "su" gets read-write-move-delete-admin
-[/~${u}]    # each user gets their own home-folder at /~username
+[/u/${u}]    # each user gets their own home-folder at /u/username
-  /w/~${u}  # which will be in a folder named ~username in the docker data volume
+  /w/u/${u}  # which will be "u/username" in the docker data volume
  accs:
    r: *              # read-access for anyone, and
    rwmda: ${u}, %su  # read-write-move-delete-admin for that username + the "su" group
-[/~${u}/priv]    # each user also gets a private area at /~username/priv
+[/u/${u}/priv]    # each user also gets a private area at /u/username/priv
-  /w/~${u}/priv  # stored at DATAVOLUME/~username/priv
+  /w/u/${u}/priv  # stored at DATAVOLUME/u/username/priv
  accs:
    rwmda: ${u}, %su  # read-write-move-delete-admin for that username + the "su" group
@ -58,3 +58,15 @@
  /w/lounge/${g}/priv  # stored at DATAVOLUME/lounge/groupname/priv
  accs:
    rwmda: %${g}, %su  # read-write-move-delete-admin for that group + the "su" group
 # and create some strategic volumes to prevent anyone from gaining
 # unintended access to priv folders if the users/groups db is lost
 [/u]
  /w/u
  accs:
    rwmda: %su
 [/lounge]
  /w/lounge
  accs:
    rwmda: %su