Comments (7)
Interesting, I will try to repro on a vanilla instance over the weekend, thanks for reporting it
from ansible-role-gitea.
So I tried to repro, I spinned a vanilla GCP instance and ran the playbook, I was able to pull/push to the repos created over SSH like I do on my "production" personal instance without any issue.
root tmp ~ # cat /etc/debian_version
9.7
root tmp ~ # grep gitea /etc/passwd
gitea:x:1001:1002:Gitea user:/var/lib/gitea:/bin/false
root tmp ~ #
The gitea process is running as the user it should:
gitea 29171 0.1 16.5 622528 100576 ? Ssl 11:42 0:01 /usr/local/bin/gitea web -c /etc/gitea/gitea.ini
Which distro are you using ?
from ansible-role-gitea.
Also if the mitigation is as simple as giving a shell to the gitea user, you can do a PR if you want to optionally give a shell to the user that's not /bin/false
but I'd rather have it disabled by default for security reasons.
from ansible-role-gitea.
Hi, sorry for the delay. I was a little busy...
The user for gitea is gitea:
$ ps auxw | grep gitea
debian 342 0.0 0.0 12716 940 pts/0 S+ 10:53 0:00 grep --color=auto gitea
gitea 18434 0.0 2.1 829288 88832 ? Ssl Mar28 7:26 /usr/local/bin/gitea web -c /etc/gitea/gitea.ini
I am running debian too:
$ cat /etc/debian_version
9.8
$ grep gitea /etc/passwd
gitea:x:1003:1004:Gitea user:/var/lib/gitea:/bin/bash
and the issue is still present.
I will make a pull request soonβ’ with the option to change /bin/false
to something else.
from ansible-role-gitea.
Same issue here with debian_version 10.2, Putty tells me that
Server refused to allocate pty
when shell is set to /bin/false
from ansible-role-gitea.
Same issue here with debian_version 10.2, Putty tells me that
Server refused to allocate pty
when shell is set to /bin/false
My work around is this option in my ansible vars:
gitea_shell: "/bin/bash"
from ansible-role-gitea.
from the gitea docs onto this topic:
(https://docs.gitea.io/en-us/faq/#ssh-issues)
Make sure that the git system user has a usable shell set
...this is true at least for the systems' ssh-server
from ansible-role-gitea.
Related Issues (16)
- Web not accessible after installation HOT 1
- Fix the quality score for the package HOT 4
- Couldnt start gitea service? HOT 3
- OpenId Connect Configuration HOT 1
- Version check fails silently due -o pipefail HOT 5
- How should we deal with gitea updates in the future? HOT 21
- Sqlite3 has being defined as default engine is the database something else? HOT 5
- define mailer type HOT 1
- [improvement] config for heavy GIT lfs users missing
- Template not idempotent HOT 3
- gitea builtin update: permission denied
- Versioning HOT 3
- Gitea Key not found on Keyserver HOT 2
- dublicated entries in config HOT 3
- error templating gitea.ini HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-role-gitea.