Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-20 09:20:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
wekan/docs/Platforms/FOSS/Snap/Limit-snap-to-root-user-only.md
Lauri Ojansivu 1cfaddff9c Reorganized docs.
2024-06-27 13:30:40 +03:00

31 lines
No EOL
899 B
Markdown
Raw Blame History

If you have some users logging to your server, that don't have root access, and you want to limit snap to root user only, you can do the following:
## 1) Set snap refresh schedule, for example
```
sudo snap set core refresh.schedule=02:00-03:00
```
## 2) Set cron to limit permissions to root users after updates
For example, sudo to root, and edit root cron with nano:
```
sudo su
export EDITOR=nano
crontab -e
```
and add there that at 03:10 permissions are limited to root again:
```
10 3 * * * chmod og-rwx /usr/bin/snap
10 3 * * * chmod -R og-rwx /var/snap
```
You can see crontab syntax help at https://crontab.guru
`snap` is the command, and `/var/snap` is where data is stored.
## Future snap features for permissions
For more advanced user permission control in snap, sometime new features will be added:<br />
https://forum.snapcraft.io/t/multiple-users-and-groups-in-snaps/1461/3
Reference in a new issue View git blame Copy permalink