Commit 471b5910a64d5cbfe268caf210c1745cf3e8fefd
1 parent
eff6d3c1
Exists in
master
and in
4 other branches
Fix git group detection for gitolite ssh user.
The tasks gitlab:env:info mixes user and group, and presume as a group 'git'.
However, gitolite group name can be anything.
That patch add the git group name in the config,
and check gitolite.ssh_user group against git.group
(which defaults to 'git', as before this patch, if undefined).
M config/gitlab.yml.example:
Add 'group' in 'git' section
Mention default value for the two extra settings
M lib/tasks/gitlab/check.rake:
Check that gitolite.ssh_user *group* is the one defined in git.group.
Make sure to default to 'git' as the expected group
if said group is undefined in the config.
Note: uses a more complete regexp for the group detection
(the group can start, end or be in the middle or the list of groups
of gitolite.ssh_user)
M: config/initializers/1_settings.rb:
Add default values for gitolite.group and gitlab.user
Showing
3 changed files
with
11 additions
and
4 deletions
Show diff stats
config/gitlab.yml.example
| @@ -29,6 +29,9 @@ gitlab: | @@ -29,6 +29,9 @@ gitlab: | ||
| 29 | ## Project settings | 29 | ## Project settings |
| 30 | default_projects_limit: 10 | 30 | default_projects_limit: 10 |
| 31 | 31 | ||
| 32 | + ## Account used for GitLab installation ('gitlab' if undefined) | ||
| 33 | + user: gitlab | ||
| 34 | + | ||
| 32 | ## Gravatar | 35 | ## Gravatar |
| 33 | gravatar: | 36 | gravatar: |
| 34 | enabled: true # Use user avatar images from Gravatar.com (default: true) | 37 | enabled: true # Use user avatar images from Gravatar.com (default: true) |
| @@ -100,6 +103,7 @@ gitolite: | @@ -100,6 +103,7 @@ gitolite: | ||
| 100 | receive_pack: true | 103 | receive_pack: true |
| 101 | ssh_user: git | 104 | ssh_user: git |
| 102 | ssh_host: localhost | 105 | ssh_host: localhost |
| 106 | + group: git # default: 'git' if undefined | ||
| 103 | # ssh_port: 22 | 107 | # ssh_port: 22 |
| 104 | # config_file: gitolite.conf | 108 | # config_file: gitolite.conf |
| 105 | 109 |
config/initializers/1_settings.rb
| @@ -50,6 +50,7 @@ Settings.gitlab['relative_url_root'] ||= '' | @@ -50,6 +50,7 @@ Settings.gitlab['relative_url_root'] ||= '' | ||
| 50 | Settings.gitlab['protocol'] ||= Settings.gitlab.https ? "https" : "http" | 50 | Settings.gitlab['protocol'] ||= Settings.gitlab.https ? "https" : "http" |
| 51 | Settings.gitlab['email_from'] ||= "gitlab@#{Settings.gitlab.host}" | 51 | Settings.gitlab['email_from'] ||= "gitlab@#{Settings.gitlab.host}" |
| 52 | Settings.gitlab['url'] ||= Settings.send(:build_gitlab_url) | 52 | Settings.gitlab['url'] ||= Settings.send(:build_gitlab_url) |
| 53 | +Settings.gitlab['user'] ||= 'gitlab' | ||
| 53 | 54 | ||
| 54 | Settings['gravatar'] ||= Settingslogic.new({}) | 55 | Settings['gravatar'] ||= Settingslogic.new({}) |
| 55 | Settings.gravatar['enabled'] ||= true | 56 | Settings.gravatar['enabled'] ||= true |
| @@ -67,6 +68,7 @@ Settings.gitolite['upload_pack'] ||= (Settings.gitolite['upload_pack'] != false | @@ -67,6 +68,7 @@ Settings.gitolite['upload_pack'] ||= (Settings.gitolite['upload_pack'] != false | ||
| 67 | Settings.gitolite['ssh_host'] ||= (Settings.gitlab.host || 'localhost') | 68 | Settings.gitolite['ssh_host'] ||= (Settings.gitlab.host || 'localhost') |
| 68 | Settings.gitolite['ssh_port'] ||= 22 | 69 | Settings.gitolite['ssh_port'] ||= 22 |
| 69 | Settings.gitolite['ssh_user'] ||= 'git' | 70 | Settings.gitolite['ssh_user'] ||= 'git' |
| 71 | +Settings.gitolite['group'] ||= 'git' | ||
| 70 | Settings.gitolite['ssh_path_prefix'] ||= Settings.send(:build_gitolite_ssh_path_prefix) | 72 | Settings.gitolite['ssh_path_prefix'] ||= Settings.send(:build_gitolite_ssh_path_prefix) |
| 71 | 73 | ||
| 72 | Settings['backup'] ||= Settingslogic.new({}) | 74 | Settings['backup'] ||= Settingslogic.new({}) |
lib/tasks/gitlab/check.rake
| @@ -295,15 +295,16 @@ namespace :gitlab do | @@ -295,15 +295,16 @@ namespace :gitlab do | ||
| 295 | end | 295 | end |
| 296 | 296 | ||
| 297 | def check_gitlab_in_git_group | 297 | def check_gitlab_in_git_group |
| 298 | - gitolite_ssh_user = Gitlab.config.gitolite.ssh_user | ||
| 299 | - print "gitlab user is in #{gitolite_ssh_user} group? ... " | 298 | + gitlab_user = Gitlab.config.gitlab.user |
| 299 | + gitolite_group = Gitlab.config.gitolite.group | ||
| 300 | + print "gitlab user '#{gitlab_user}' has git group '#{gitolite_group}'? ... " | ||
| 300 | 301 | ||
| 301 | - if run_and_match("id -rnG", /\Wgit\W/) | 302 | + if run_and_match("id -rnG", /^#{gitolite_group}\W|\W#{gitolite_group}\W|\W#{gitolite_group}$/) |
| 302 | puts "yes".green | 303 | puts "yes".green |
| 303 | else | 304 | else |
| 304 | puts "no".red | 305 | puts "no".red |
| 305 | try_fixing_it( | 306 | try_fixing_it( |
| 306 | - "sudo usermod -a -G #{gitolite_ssh_user} gitlab" | 307 | + "sudo usermod -a -G #{gitolite_group} #{gitlab_user}" |
| 307 | ) | 308 | ) |
| 308 | for_more_information( | 309 | for_more_information( |
| 309 | see_installation_guide_section "System Users" | 310 | see_installation_guide_section "System Users" |