tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-11-03 21:08:25 +00:00
Code Releases Activity

Comment on PrivateUsers option for gitea.service (#20383)

Browse Source 
* Comment on PrivateUsers option for gitea.service

A user happens to encounter an issue where PrivateUsers sandboxed Gitea.service and it effectively stop systemd from applying capabilities for that gitea.service. I am opening this PR to provide comments on PrivateUsers, effectively a tiny FAQ information for end-user.
This commit is contained in:
CLanguagePurist
2022-07-16 06:58:56 -06:00
committed by GitHub
parent ce8e06f9f3
commit 6247a1dd5d
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
contrib/systemd/gitea.service
View File

@@ -78,6 +78,13 @@ Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE #CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE #AmbientCapabilities=CAP_NET_BIND_SERVICE
### ###
# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
# set the following value to false to allow capabilities to be applied on gitea process. The following
# value if set to true sandboxes gitea service and prevent any processes from running with privileges
# in the host user namespace.
###
#PrivateUsers=false
###
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target