diff options
| author | Ben Bodenmiller <bbodenmiller@hotmail.com> | 2017-03-23 22:33:16 +0000 |
|---|---|---|
| committer | Ben Bodenmiller <bbodenmiller@hotmail.com> | 2017-04-13 05:25:58 -0700 |
| commit | d7a17107c867b82918c5188f6fc7c4bb6e8beb59 (patch) | |
| tree | 04c32a0a7860f3b584f0ac2922c15b27a6827e32 /doc | |
| parent | 7629c9ec57cb9b14f41c1163b61df1e6ea6b0ca1 (diff) | |
| download | gitlab-ce-d7a17107c867b82918c5188f6fc7c4bb6e8beb59.tar.gz | |
don't require no_root_squash on NFS only recommend
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/administration/high_availability/nfs.md | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/doc/administration/high_availability/nfs.md b/doc/administration/high_availability/nfs.md index bf1aa6b9ac5..c5125dc6d5a 100644 --- a/doc/administration/high_availability/nfs.md +++ b/doc/administration/high_availability/nfs.md @@ -7,21 +7,20 @@ supported natively in NFS version 4. NFSv3 also supports locking as long as Linux Kernel 2.6.5+ is used. We recommend using version 4 and do not specifically test NFSv3. -**no_root_squash**: NFS normally changes the `root` user to `nobody`. This is -a good security measure when NFS shares will be accessed by many different -users. However, in this case only GitLab will use the NFS share so it -is safe. GitLab requires the `no_root_squash` setting because we need to -manage file permissions automatically. Without the setting you will receive -errors when the Omnibus package tries to alter permissions. Note that GitLab -and other bundled components do **not** run as `root` but as non-privileged -users. The requirement for `no_root_squash` is to allow the Omnibus package to -set ownership and permissions on files, as needed. - ### Recommended options When you define your NFS exports, we recommend you also add the following options: +- `no_root_squash` - NFS normally changes the `root` user to `nobody`. This is + a good security measure when NFS shares will be accessed by many different + users. However, in this case only GitLab will use the NFS share so it + is safe. GitLab recommends the `no_root_squash` setting because we need to + manage file permissions automatically. Without the setting you may receive + errors when the Omnibus package tries to alter permissions. Note that GitLab + and other bundled components do **not** run as `root` but as non-privileged + users. The recommendation for `no_root_squash` is to allow the Omnibus package + to set ownership and permissions on files, as needed. - `sync` - Force synchronous behavior. Default is asynchronous and under certain circumstances it could lead to data loss if a failure occurs before data has synced. |