From 4358a9f998d469bf6aac077d76847498710c6b42 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Thu, 5 Jun 2025 19:31:29 +0200
Subject: mount: fix -force_owner not allowing file/dir create

Fixes https://github.com/rfjakob/gocryptfs/issues/783
---
 mount.go | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/mount.go b/mount.go
index 1005a39..5c0f064 100644
--- a/mount.go
+++ b/mount.go
@@ -315,9 +315,13 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
 			}
 		}
 	}
-	// If allow_other is set and we run as root, try to give newly created files to
-	// the right user.
-	if args.allow_other && os.Getuid() == 0 {
+	// If allow_other is set and we run as root, create files as the accessing
+	// user.
+	// Except when -force_owner is set, because in this case the user may
+	// not have write permissions. And the point of -force_owner is to map uids,
+	// so we want the files on the backing dir to get the uid the gocryptfs process
+	// is running as.
+	if args.allow_other && os.Getuid() == 0 && args._forceOwner == nil {
 		frontendArgs.PreserveOwner = true
 	}
 
-- 
cgit v1.2.3