Skip to content

make 'git' a system-user #3438

Closed
wants to merge 4 commits into from
@Finkregh

Make 'git' a system-user, as it is a service/daemon, not a //normal// user.
Make 'su' start a login-shell.

I suppose gitlab does not need a login-shell?

Finkregh added some commits Mar 28, 2013
@Finkregh Finkregh make 'git' a system-user
Make 'git' a system-user, as it is a service/daemon, not a //normal// user.
Make 'su' start a login-shell.

I suppose gitlab does not need a login-shell?
8a0a337
@Finkregh Finkregh also create system-group 54535aa
@Finkregh Finkregh set git-config before check
set the config on setup and before running 'bundle exec rake gitlab:check RAILS_ENV=production', as that says that these should be set
8b3318e
@Finkregh Finkregh fix git-user (provide shell) 7768658
@randx
GitLab member
randx commented Apr 6, 2013

I need a login-shell for developing. I use git user on local machine to develop gitlab

@koenpunt
koenpunt commented Apr 6, 2013

@randx But that's for developing, so you can change that on your local machine right?

@Finkregh
Finkregh commented Apr 8, 2013

👍 for @koenpunt

the user for such a daemon should not be given any sort of login-capability. what you do on your dev-machine is something completely different 😄

@mckern
mckern commented Apr 18, 2013

+1 to "development != production"

@mjdetullio

Regardless of whether or not the user runs GitLab as a daemon, you should still be able to sudo su - git for troubleshooting production issues. However I agree that you shouldn't be able to log into the user directly.

@tvannahl

👍 A deployment that is compatible with the FHS would be great.

@samurailink3

👍

@rbecher
rbecher commented Jul 12, 2013

+1 this is much cleaner on a production system

@netdata
netdata commented Jul 15, 2013

+1 we use puppet to manage our users on our system, this also means we purge all users which should not be on the system
This is not the case for system users, so now I have to disable puppet.

@brodock
brodock commented Nov 16, 2013

I would like to link this chef-recipe as a way to contribute to the discussion:
https://github.com/atomic-penguin/cookbook-gitlab

according to the readme, the author changed git home directory to /srv/git and default gitlab's installation directory to /srv/git/gitlab as a way to comply with FHS.

On a ubuntu centered perspective, it should be placed somewhere in /var or /var/www as it's the default apache webroot, but it makes more sense after reading the arguments on serverfault (the stackoverflow's version for sever administration), I'm now convinced that /srv/git is the place to be.

To be more specific, I do believe that this is the change we should do to comply with FHS:

/home/git -> /srv/git
/home/git/giltab -> /srv/git/gitlab
/home/git/gitlab-shell -> /srv/git/gitlab-shell

A side-effect is that some people like to have / in a small partition and /home in another big disk partition. This can be solved by symlink /srv to /home/git.

IMHO this makes sense to be considered.


To create a "git" user with home pointing to /srv/git:

sudo useradd -d /srv/git -m git

To change an already existing git user to point new home to /srv/git:

sudo mv /home/git /srv/git
sudo usermod -d /srv/git git
@jvanbaarsen
GitLab member

This pull request has been closed because a request for more information has not been reacted to for more than 2 weeks. If you respond and conform to the pull request guidelines in our contributing guidelines we will reopen this pull request. /cc @Razer6

@Razer6 Razer6 closed this Dec 10, 2013
@Finkregh

a request for more information has not been reacted to

quote please W(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.