I contemplate a concept here so go easy on me - I'm still a novice to all this.
I've just learned a hard way, but no biggie, that rclone fails if does not have full access to the folder in which config resides (naturally to the config file itself too).
I'm thinking of a Linux box where systemd's multiple services would mount a remote and do it as a "regular" user(systemd's config), mount separately for each one of multiple users.
"secrets" in the config file are my worry so I wonder is there a way to have it done so those secrets are not accessible by such "regular" user, even if not 100% of the time then 99.99% ideally.
Care to share any thoughts? I'll appreciate.
many thanks, L.
What is your rclone version (output from rclone version)
Which OS you are using and how many bits (eg Windows 7, 64 bit)
Which cloud storage system are you using? (eg Google Drive)
The command you were trying to run (eg rclone copy /tmp remote:tmp)
It's hardly an effort to repeat what others have said many times already - rclone is really very neat - but if there is field it could improve then it'd be 'multi-user' environments(I naturally thinks of Linux "servers").
Some kind of enhancement where a deamon/service would do the work (mainly mounts I have in mind) on user(s) behalves so then users could be kept away from sensitive secrets, etc.
If I was to dare to submit such idea for devel/authors consideration - where do I do that?
ps. I was hoping that when a "mount" has been established then config file could be hidden way from user(s). Would that work?
rclone uses fuse which is user based so that either you mount for a user or if you have root access, you can mount for everyone and use UID/GID to secure it.
Really? How would you do that?
From what I see (I've only started looking) once a mount has been done then all the content in it gets the UID of the mounter user.
What do I miss?
Thus that example you shared does not "fix" the problem nor it does what the quote says. Others can use the mount yes but there is no UID/GUI separation/preservation, all belongs that to 'netdata'
I have a simple setup where I get that separation, naturally via separate mounts (via systemd) for given users but I have no remedy to my original worry - hide sensitive credential away from users -> not possible if 'rclone' process(es) needs constant full access to rclone config file.
Sorry as I'm not following as you can set UID/GID and a few more flags to setup any permissions that you want and it acts like normal Linux depending on what you are trying to achieve.
Another example if you wanted to lock down '/test" to just the user netdata as I left it open to read.
Rclone requires access to the rclone.conf and if the user is launching the process, they can see the file/read it and see the contents of the file and grab them that way similar to anything else in the rclone.conf
We have a ticket https://github.com/rclone/rclone/issues/3655 requesting a separate file for mutable state aka tokens. If someone (maybe you?) implemented it, one could put that in a place with tough permissions.
You can completely hide non-mutable secrets right now. Here is an example for systemd
I didn't run the command as root as I can see it as the user "felix" as that's what is shown in my output.
I think the OP was asking about hiding from the user and my point was the user running the process can see their environment variables, which means the root owned file doesn't matter.
I think we're crossing the streams as they say as we're both correct but answering different questions.
If you run rclone as root, you can secure rclone.conf as root and the user would never see it. I gave an answer for that, which is the same for environment variables running as a process.
If you run rclone as a user, the user can see their environment variables, which is what I thought you were suggesting to the OP, which does not meet the requirement.