-
Notifications
You must be signed in to change notification settings - Fork 9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[bitnami/mediawiki] Upgrade mediawiki helm package 20.0.2 and having a file permission denied issue #25374
Comments
As you can see in the link below, new major version of the Mediawiki chart includes some security enhancements: The new security defaults for Mediawiki containers set restrictive rules such as using read-only filesystems. This is a great feature to prevent a series of attacks but it also sets some challenges for the application to work on such a restrictive environment. Could you please share the |
Sure thing, it's here:
Is this not the supported way to add supplemental apache conf? I guess I was trying to replicate bitmani/vms style config. |
Could you try mounting your custom extraVolumes:
- name: custom-htaccess
configMap:
name: wiki-htaccess-configmap
items:
- key: mediawiki-htaccess.conf
path: mediawiki-htaccess.conf
extraVolumeMounts:
- mountPath: /opt/bitnami/apache/conf.default/vhosts/htaccess
name: custom-htaccess
extraDeploy:
- apiVersion: v1
kind: ConfigMap
metadata:
name: wiki-htaccess-configmap
data:
mediawiki-htaccess.conf: |
<Directory "/opt/bitnami/mediawiki/cache">
Require all denied
</Directory>
<Directory "/opt/bitnami/mediawiki/images">
<IfModule headers_module>
Header set X-Content-Type-Options nosniff
</IfModule>
<IfModule php7_module>
php_flag engine off
</IfModule>
<IfModule php_module>
php_flag engine off
</IfModule>
</Directory> |
Thanks very much for the suggestion. I have now had time to test the new config and can confirm putting the htaccess file at |
Awesome @iain-ilearner ! I proceed to close the issue but please don't hesitate to let us know if you require further help. |
Name and Version
bitnami/mediawiki 20.0.2
What architecture are you using?
amd64
What steps will reproduce the bug?
There seems to be an equivalent issue for mediawiki that affected wordpress in issue #24590
Are you using any custom parameters or values?
values.yaml:
What do you see instead?
The text was updated successfully, but these errors were encountered: