Help Center> Cloud Container Engine> FAQ> Workload> Container Configuration> How Do I Change the Permission of the Secret Mounted to a Container from 644 to 444?
View PDF

How Do I Change the Permission of the Secret Mounted to a Container from 644 to 444?

Context

On the CCE console, Permission is displayed as Read-only for the secret mounted to the container. However, the actual permission in the container is 644, which does not meet the actual permission management requirements.

Figure 1 Read-only permission for the mounted secret
Figure 2 Actual permission in the container

Fault Locating

In the YAML file, the defaultMode field is set to 420, which is a decimal number. The permission value 644 in the Linux OS is an octal number. Therefore, the decimal number 420 needs to be converted into an octal number, that is, 644.

Figure 3 defaultMode field
Figure 4 Converting a decimal number to an octal number

HEX: hexadecimal

DEC: decimal

OCT: octal

BIN: binary

Solution

The actual mounting permission is 444, which is 292 in decimal format.

Figure 5 Converting an octal number to a decimal number

Modify the YAML file, as shown in Figure 6.

Figure 6 Modifying the defaultMode field

Access the container, and check whether the permission for the secret file is 444, as shown in Figure 7.

Figure 7 Checking the permission for the secret file

If the permission is 444, the problem is resolved.

Parent topic: Container Configuration