Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
751ae140
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
751ae140
编写于
2月 09, 2016
作者:
A
Achilleas Pipinellis
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Restrict permissions on public/uploads
上级
555b1a62
变更
2
显示空白变更内容
内联
并排
Showing
2 changed file
with
11 addition
and
9 deletion
+11
-9
doc/install/installation.md
doc/install/installation.md
+4
-3
lib/tasks/gitlab/check.rake
lib/tasks/gitlab/check.rake
+7
-6
未找到文件。
doc/install/installation.md
浏览文件 @
751ae140
...
@@ -268,10 +268,11 @@ sudo usermod -aG redis git
...
@@ -268,10 +268,11 @@ sudo usermod -aG redis git
sudo chmod -R u+rwX tmp/sockets/
sudo chmod -R u+rwX tmp/sockets/
# Create the public/uploads/ directory
# Create the public/uploads/ directory
sudo -u git -H mkdir public/uploads/
sudo -u git -H mkdir
-m 0700
public/uploads/
# Make sure GitLab can write to the public/uploads/ directory
# Make sure only the GitLab user has access to the public/uploads/ directory
sudo chmod -R u+rwX public/uploads
# now that files in public/uploads are served by gitlab-workhorse
sudo chmod -R go-rwX public/uploads
# Change the permissions of the directory where CI build traces are stored
# Change the permissions of the directory where CI build traces are stored
sudo chmod -R u+rwX builds/
sudo chmod -R u+rwX builds/
...
...
lib/tasks/gitlab/check.rake
浏览文件 @
751ae140
...
@@ -285,7 +285,7 @@ namespace :gitlab do
...
@@ -285,7 +285,7 @@ namespace :gitlab do
unless
File
.
directory?
(
Rails
.
root
.
join
(
'public/uploads'
))
unless
File
.
directory?
(
Rails
.
root
.
join
(
'public/uploads'
))
puts
"no"
.
red
puts
"no"
.
red
try_fixing_it
(
try_fixing_it
(
"sudo -u
#{
gitlab_user
}
mkdir -m
75
0
#{
Rails
.
root
}
/public/uploads"
"sudo -u
#{
gitlab_user
}
mkdir -m
070
0
#{
Rails
.
root
}
/public/uploads"
)
)
for_more_information
(
for_more_information
(
see_installation_guide_section
"GitLab"
see_installation_guide_section
"GitLab"
...
@@ -297,21 +297,22 @@ namespace :gitlab do
...
@@ -297,21 +297,22 @@ namespace :gitlab do
upload_path
=
File
.
realpath
(
Rails
.
root
.
join
(
'public/uploads'
))
upload_path
=
File
.
realpath
(
Rails
.
root
.
join
(
'public/uploads'
))
upload_path_tmp
=
File
.
join
(
upload_path
,
'tmp'
)
upload_path_tmp
=
File
.
join
(
upload_path
,
'tmp'
)
if
File
.
stat
(
upload_path
).
mode
==
0407
5
0
if
File
.
stat
(
upload_path
).
mode
==
0407
0
0
unless
Dir
.
exists?
(
upload_path_tmp
)
unless
Dir
.
exists?
(
upload_path_tmp
)
puts
'skipped (no tmp uploads folder yet)'
.
magenta
puts
'skipped (no tmp uploads folder yet)'
.
magenta
return
return
end
end
# if tmp upload dir has incorrect permissions, assume others do as well
# If tmp upload dir has incorrect permissions, assume others do as well
if
File
.
stat
(
upload_path_tmp
).
mode
==
040755
&&
File
.
owned?
(
upload_path_tmp
)
# verify drwxr-xr-x permissions
# Verify drwx------ permissions
if
File
.
stat
(
upload_path_tmp
).
mode
==
040700
&&
File
.
owned?
(
upload_path_tmp
)
puts
"yes"
.
green
puts
"yes"
.
green
else
else
puts
"no"
.
red
puts
"no"
.
red
try_fixing_it
(
try_fixing_it
(
"sudo chown -R
#{
gitlab_user
}
#{
upload_path
}
"
,
"sudo chown -R
#{
gitlab_user
}
#{
upload_path
}
"
,
"sudo find
#{
upload_path
}
-type f -exec chmod 0644 {}
\\
;"
,
"sudo find
#{
upload_path
}
-type f -exec chmod 0644 {}
\\
;"
,
"sudo find
#{
upload_path
}
-type d -not -path
#{
upload_path
}
-exec chmod 07
55
{}
\\
;"
"sudo find
#{
upload_path
}
-type d -not -path
#{
upload_path
}
-exec chmod 07
00
{}
\\
;"
)
)
for_more_information
(
for_more_information
(
see_installation_guide_section
"GitLab"
see_installation_guide_section
"GitLab"
...
@@ -321,7 +322,7 @@ namespace :gitlab do
...
@@ -321,7 +322,7 @@ namespace :gitlab do
else
else
puts
"no"
.
red
puts
"no"
.
red
try_fixing_it
(
try_fixing_it
(
"sudo
chmod 0750
#{
upload_path
}
"
,
"sudo
find
#{
upload_path
}
-type d -not -path
#{
upload_path
}
-exec chmod 0700 {}
\\
;"
)
)
for_more_information
(
for_more_information
(
see_installation_guide_section
"GitLab"
see_installation_guide_section
"GitLab"
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录