Giter VIP home page Giter VIP logo

Comments (7)

thomas-maurice avatar thomas-maurice commented on June 30, 2024 1

Interesting, I will try to repro on a vanilla instance over the weekend, thanks for reporting it

from ansible-role-gitea.

thomas-maurice avatar thomas-maurice commented on June 30, 2024

So I tried to repro, I spinned a vanilla GCP instance and ran the playbook, I was able to pull/push to the repos created over SSH like I do on my "production" personal instance without any issue.

root tmp ~ # cat /etc/debian_version 
9.7
root tmp ~ # grep gitea /etc/passwd
gitea:x:1001:1002:Gitea user:/var/lib/gitea:/bin/false
root tmp ~ #

The gitea process is running as the user it should:

gitea    29171  0.1 16.5 622528 100576 ?       Ssl  11:42   0:01 /usr/local/bin/gitea web -c /etc/gitea/gitea.ini

Which distro are you using ?

from ansible-role-gitea.

thomas-maurice avatar thomas-maurice commented on June 30, 2024

Also if the mitigation is as simple as giving a shell to the gitea user, you can do a PR if you want to optionally give a shell to the user that's not /bin/false but I'd rather have it disabled by default for security reasons.

from ansible-role-gitea.

DO1JLR avatar DO1JLR commented on June 30, 2024

Hi, sorry for the delay. I was a little busy...

The user for gitea is gitea:

 $ ps auxw  | grep gitea
debian     342  0.0  0.0  12716   940 pts/0    S+   10:53   0:00 grep --color=auto gitea
gitea    18434  0.0  2.1 829288 88832 ?        Ssl  Mar28   7:26 /usr/local/bin/gitea web -c /etc/gitea/gitea.ini

I am running debian too:

 $ cat /etc/debian_version 
9.8
 $ grep gitea /etc/passwd
gitea:x:1003:1004:Gitea user:/var/lib/gitea:/bin/bash

and the issue is still present.

I will make a pull request soonβ„’ with the option to change /bin/false to something else.

from ansible-role-gitea.

reikjarloekl avatar reikjarloekl commented on June 30, 2024

Same issue here with debian_version 10.2, Putty tells me that
Server refused to allocate pty when shell is set to /bin/false

from ansible-role-gitea.

DO1JLR avatar DO1JLR commented on June 30, 2024

Same issue here with debian_version 10.2, Putty tells me that
Server refused to allocate pty when shell is set to /bin/false

My work around is this option in my ansible vars:

gitea_shell: "/bin/bash"

from ansible-role-gitea.

zeus86 avatar zeus86 commented on June 30, 2024

from the gitea docs onto this topic:
(https://docs.gitea.io/en-us/faq/#ssh-issues)
Make sure that the git system user has a usable shell set
...this is true at least for the systems' ssh-server

from ansible-role-gitea.

Related Issues (16)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.