summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason Song <i@wolfogre.com>2023-07-06 23:00:38 +0800
committerGitHub <noreply@github.com>2023-07-06 17:00:38 +0200
commit5b7b7c4f3cc66c30276d0b172244ac7440419101 (patch)
tree3befb8f57e8406b2f03e83c54ba5d6aad14d560e
parent45ac90eb54d9f6b6877f68ebd0d84ebd12de170f (diff)
downloadgitea-5b7b7c4f3cc66c30276d0b172244ac7440419101.tar.gz
gitea-5b7b7c4f3cc66c30276d0b172244ac7440419101.zip
Correct permissions for `.ssh` and `authorized_keys` (#25721)
Set the correct permissions on the .ssh directory and authorized_keys file, or sshd will refuse to use them and lead to clone/push/pull failures. It could happen when users have copied their data to a new volume and changed the file permission by accident, and it would be very hard to troubleshoot unless users know how to check the logs of sshd which is started by s6. Co-authored-by: Giteabot <teabot@gitea.io>
-rwxr-xr-xdocker/root/etc/s6/gitea/setup10
1 files changed, 9 insertions, 1 deletions
diff --git a/docker/root/etc/s6/gitea/setup b/docker/root/etc/s6/gitea/setup
index d8f6a3b319..b801ef4e03 100755
--- a/docker/root/etc/s6/gitea/setup
+++ b/docker/root/etc/s6/gitea/setup
@@ -2,7 +2,15 @@
if [ ! -d /data/git/.ssh ]; then
mkdir -p /data/git/.ssh
- chmod 700 /data/git/.ssh
+fi
+
+# Set the correct permissions on the .ssh directory and authorized_keys file,
+# or sshd will refuse to use them and lead to clone/push/pull failures.
+# It could happen when users have copied their data to a new volume and changed the file permission by accident,
+# and it would be very hard to troubleshoot unless users know how to check the logs of sshd which is started by s6.
+chmod 700 /data/git/.ssh
+if [ -f /data/git/.ssh/authorized_keys ]; then
+ chmod 600 /data/git/.ssh/authorized_keys
fi
if [ ! -f /data/git/.ssh/environment ]; then