Hello,
I have a CentOS Linux release 7.7.1908 (Core) and I installed Passbolt with Docker with this tutorial:
Like the tutorial, I want to persist the Gnupg serverkeys directory. So, I create a gpg-keys folder in /media/. But if I do docker run for Passbolt I can find in the logs:
gpg: directory ‘/home/www-data/.gnupg’ created
gpg: keybox ‘/home/www-data/.gnupg/pubring.kbx’ created
gpg: /home/www-data/.gnupg/trustdb.gpg: trustdb created
gpg: key 141223DE10561F7C marked as ultimately trusted
gpg: directory ‘/home/www-data/.gnupg/openpgp-revocs.d’ created
gpg: revocation certificate stored as ‘/home/www-data/.gnupg/openpgp-revocs.d/4A178A2D34B80F1413B4B194141223DE10561F7C.rev’
-bash: /var/www/passbolt/config/gpg/serverkey_private.asc: Permission denied
If I change the permissions with chmod -R o=wrx /media/gpg-keys
docker run works fine and the server keys could be created. But I am not sure, if this is the right way. I think it is not fine, to allow all others the permissions write, read, execute for this directory. Exists an other/secure way to give Passbolt the permissions?
Thank you for your answers!