From: Riyad Preukschas Date: Fri, 1 Feb 2013 19:56:03 +0000 (+0100) Subject: Merge pull request #2440 from klamontagne/master X-Git-Tag: v4.2.0~11 X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=003c3121049aef98bf37f048563b2ab892207620;p=wvm%2Fgitlab.git Merge pull request #2440 from klamontagne/master Don't setuid the repositories on installation --- 003c3121049aef98bf37f048563b2ab892207620 diff --cc doc/install/installation.md index 0724bea9c,c499288ea..1672b77af --- a/doc/install/installation.md +++ b/doc/install/installation.md @@@ -145,15 -146,25 +145,16 @@@ Fix the directory permissions for the c Fix the directory permissions for the repositories: # Make sure the repositories dir is owned by git and it stays that way - sudo chmod -R ug+rwXs,o-rwx /home/git/repositories/ + sudo chmod -R ug+rwX,o-rwx /home/git/repositories/ sudo chown -R git:git /home/git/repositories/ + find /home/git/repositories -type d -print0 | sudo xargs -0 chmod g+s -## Disable StrictHostKeyChecking for localhost and your domain +## Add domains to list to the list of known hosts - echo "Host localhost - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null" | sudo tee -a /etc/ssh/ssh_config - - echo "Host YOUR_DOMAIN_NAME - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null" | sudo tee -a /etc/ssh/ssh_config - - # If gitolite domain differs - echo "Host YOUR_GITOLITE_DOMAIN - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null" | sudo tee -a /etc/ssh/ssh_config + sudo -u gitlab -H ssh git@localhost + sudo -u gitlab -H ssh git@YOUR_DOMAIN_NAME + sudo -u gitlab -H ssh git@YOUR_GITOLITE_DOMAIN_NAME ## Test if everything works so far diff --cc lib/tasks/gitlab/check.rake index 1ca723f27,ab95c823d..5e25d1b5d --- a/lib/tasks/gitlab/check.rake +++ b/lib/tasks/gitlab/check.rake @@@ -695,28 -692,8 +695,28 @@@ namespace :gitlab d end end + def check_repo_base_is_not_symlink + print "Repo base directory is a symlink? ... " + + repo_base_path = Gitlab.config.gitolite.repos_path + unless File.exists?(repo_base_path) + puts "can't check because of previous errors".magenta + return + end + + unless File.symlink?(repo_base_path) + puts "no".green + else + puts "yes".red + try_fixing_it( + "Make sure it's set to the real directory in config/gitlab.yml" + ) + fix_and_rerun + end + end + def check_repo_base_permissions - print "Repo base access is drwsrws---? ... " + print "Repo base access is drwxrws---? ... " repo_base_path = Gitlab.config.gitolite.repos_path unless File.exists?(repo_base_path) @@@ -724,12 -701,15 +724,14 @@@ return end - if File.stat(repo_base_path).mode.to_s(8).ends_with?("6770") - if `stat --printf %a #{repo_base_path}` == "2770" ++ if File.stat(repo_base_path).mode.to_s(8).ends_with?("2770") puts "yes".green else puts "no".red - puts "#{repo_base_path} is not writable".red try_fixing_it( - "sudo chmod -R ug+rwXs,o-rwx #{repo_base_path}" + "sudo chmod -R ug+rwX,o-rwx #{repo_base_path}", + "sudo chmod -R u-s #{repo_base_path}", + "find #{repo_base_path} -type d -print0 | sudo xargs -0 chmod g+s" ) for_more_information( see_installation_guide_section "Gitolite"