Don't setuid the repositories (Rake checks)

author: Kevin Lamontagne <kevin.lamontagne@libeo.com> 2012-12-30 21:46:28 -0500
committer: Kevin Lamontagne <kevin.lamontagne@libeo.com> 2012-12-30 21:46:28 -0500
commit: c816dcc10513731f0ef0c1b247fef1ef1287dd7c (patch)
tree: b1affe8e890bac869a65b3255532d068cb2262dc /lib
parent: 29baadf0c7f48c63867b839d4f990ff767b6dcc9 (diff)
download: gitlab-ce-c816dcc10513731f0ef0c1b247fef1ef1287dd7c.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake
index 72111f87567..730a1fc5f2c 100644
--- a/lib/tasks/gitlab/check.rake
+++ b/lib/tasks/gitlab/check.rake
@@ -693,7 +693,7 @@ namespace :gitlab do
     end
 
     def check_repo_base_permissions
-      print "Repo base access is drwsrws---? ... "
+      print "Repo base access is drwxrws---? ... "
 
       repo_base_path = Gitlab.config.gitolite.repos_path
       unless File.exists?(repo_base_path)
@@ -701,13 +701,15 @@ namespace :gitlab do
         return
       end
 
-      if `stat --printf %a #{repo_base_path}` == "6770"
+      if `stat --printf %a #{repo_base_path}` == "2770"
         puts "yes".green
       else
         puts "no".red
         puts "#{repo_base_path} is not writable".red
         try_fixing_it(
-          "sudo chmod -R ug+rwXs,o-rwx #{repo_base_path}"
+          "sudo chmod -R ug+rwX,o-rwx #{repo_base_path}",
+          "sudo chmod -R u-s #{repo_base_path}",
+          "find -type d #{repo_base_path} -print0 | sudo xargs -0 chmod g+s"
         )
         for_more_information(
           see_installation_guide_section "Gitolite"
author	Kevin Lamontagne <kevin.lamontagne@libeo.com>	2012-12-30 21:46:28 -0500
committer	Kevin Lamontagne <kevin.lamontagne@libeo.com>	2012-12-30 21:46:28 -0500
commit	c816dcc10513731f0ef0c1b247fef1ef1287dd7c (patch)
tree	b1affe8e890bac869a65b3255532d068cb2262dc /lib
parent	29baadf0c7f48c63867b839d4f990ff767b6dcc9 (diff)
download	gitlab-ce-c816dcc10513731f0ef0c1b247fef1ef1287dd7c.tar.gz