We are migrating our infrastructure on our private kubernetes cloud.
Pega creates files thanks to "Connect File": CreateExtractedFile.
On our on premise architecture, we had a custom bashrc with umask to 022 to change file permission.
When Pega create a file, it respect the umask
-rw-r--r-- 1 salto16 salto 16 May 28 16:02 202005281602ST_Salto.xml
It worked perfectly.
Now on our cloud architecture, we had the same bashrc but when we run the activity, files are created with only 640 rights.
-rw-r-----. 1 root root 1713 Oct 7 19:15 20201007ACT_Salto.xml
On cloud architecture on batch pod pega is started with root user. Is it normal?
[email protected]:/var/opt/data/flat/bpm/flow/out/WED# ps -elf
F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
4 S root 1 0 11 80 0 - 3456606 futex_ 12:47 ? 00:16:41 /opt/java/openjdk/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Xms4096m -Xmx7168m -Djava.aw...
When I create a file with touch command, it create a file with correct rights (644) that's mean umask is correctly used
[email protected]:/var/opt/data/flat/bpm/flow/out/WED# touch test5
[email protected]:/var/opt/data/flat/bpm/flow/out/WED# ll | grep test5
-rw-r--r--. 1 root root 0 Oct 8 09:52 test5