This warning from when rebuilding Discourse. A similar message appeared when rebuilding the mail-receiver: WARNING: containers/mail-receiver.yml file is world-readable. You can secure this file by running: chmod o-rwx containers/mail-receiver.yml.
At face value it looks as though you are being sarcastic (and insinuating that it’s obvious I should do what it recommends) but you are usually very polite and helpful so I am not sure.
If it were to say “You must…” rather than “You can…” I’d be happier do what it recommends without checking here.
Also, sometimes I have reported warnings here and been told not to worry about them because, for instance, a decision has been made to continue doing things a certain way despite the warning message (e.g. “You can ignore those warnings”: Warnings: overcommit_memory and Transparent Huge Pages).
I also wonder whether following the recommendation might cause some unintended consequence.
What might help here is if the “why” was explained in the warning. Your file is world readable, if there are other users that have SSH access to this machine, they will be able to steal your database password, chmod it to resolve this.
(It would also avoid confusion if you answered the question and then asked for details (“No, you can ignore it, assuming you’re the only user. What words…”))
Thanks for clarifying this. I wasn’t being sarcastic – I genuinely believed that you are usually polite and helpful, and now believe that you always are I misunderstood your response and apologise for that.
Yes, I’ve followed the current setup instructions which don’t create a non-root user. I have a feeling that earlier instructions did but can’t remember for sure. I’ll ignore the error.
Some sort of wording that makes it clear that the warning is from or endorsed by the Discourse team, and that it must be followed, would have had the effect you wondered about.
An explanation within the warning/advice would help, as proposed above, since on this occasion it’s not the case that it must always be followed.