From 8e391fcfaccfc9afd2d87743952a6b1fd4277632 Mon Sep 17 00:00:00 2001
From: gyurix <gyurix@gmail.com>
Date: Thu, 21 Nov 2024 22:36:27 +0100
Subject: [PATCH] set permissions

---
 scripts/scheduler/entrypoint.sh | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/scripts/scheduler/entrypoint.sh b/scripts/scheduler/entrypoint.sh
index 4d207e9..6939e8d 100644
--- a/scripts/scheduler/entrypoint.sh
+++ b/scripts/scheduler/entrypoint.sh
@@ -239,19 +239,22 @@ check_dirs_and_files() {
     if [ ! -d "/var/tmp/shared" ]; then
         mkdir -p /var/tmp/shared
         chown -R 65534:65534 /var/tmp/shared
-        chmod -R g+rwxs /var/tmp/shared
+        chmod -R g+s /var/tmp/shared
+        setfacl -d -m g:nobody:rw /var/tmp/shared
     fi
 
     if [ ! -d "/var/tmp/shared/input" ]; then
         mkdir -p /var/tmp/shared/input
         chown -R 65534:65534 /var/tmp/shared/input
-        chmod -R g+rwxs /var/tmp/shared/input
+        chmod -R g+s /var/tmp/shared/input
+        setfacl -d -m g:nobody:rw /var/tmp/shared/input
     fi
 
     if [ ! -d "/var/tmp/shared/output" ]; then
         mkdir -p /var/tmp/shared/output
         chown -R 65534:65534 /var/tmp/shared/output
-        chmod -R g+rwxs /var/tmp/shared/output
+        chmod -R g+s /var/tmp/shared/output
+        setfacl -d -m g:nobody:rw /var/tmp/shared/output
     fi
 
     if [ ! -d "/etc/user/config/services/" ]; then