Disable chroot and add daemon-enable-jail flag

- Disable chroot mechanism by default. - Adds the daemon-enable-jail flag which will allow users to enable the legacy chroot mechanism if anything goes wrong. This flag won't be available via Omnibus, instead users will need to define the environment variable and pass to Pages. - Simplify chroot logic from http_fs - Update jail documentation - Enable chroot when domain-config-source=disk Changelog: changed
author: Jaime Martinez <jmartinez@gitlab.com> 2021-07-02 05:18:39 +0300
committer: Jaime Martinez <jmartinez@gitlab.com> 2021-07-12 06:33:45 +0300
commit: 4d1dcf7933442c4b062b85fe26a2aa6cc75a078d (patch)
tree: d666b9d1ed7b452a439e9c8761701acae694ffc0 /README.md
parent: 98303e171b4e7ce5152cadb71afaded07944f92c (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/README.md b/README.md
index 2d34a88a..b0e4c81a 100644
--- a/README.md
+++ b/README.md
@@ -83,6 +83,11 @@ See [doc/development.md](doc/development.md)
 
 ### Run daemon **in secure mode**
 
+**Update**:
+
+Starting from GitLab 14.1 the 
+[jailing/chroot mechanism is disabled by default](https://docs.gitlab.com/ee/administration/pages/#jailing-mechanism-disabled-by-default-for-api-based-configuration).
+
 When compiled with `CGO_ENABLED=0` (which is the default), `gitlab-pages` is a
 static binary and so can be run in chroot with dropped privileges.
author	Jaime Martinez <jmartinez@gitlab.com>	2021-07-02 05:18:39 +0300
committer	Jaime Martinez <jmartinez@gitlab.com>	2021-07-12 06:33:45 +0300
commit	4d1dcf7933442c4b062b85fe26a2aa6cc75a078d (patch)
tree	d666b9d1ed7b452a439e9c8761701acae694ffc0 /README.md
parent	98303e171b4e7ce5152cadb71afaded07944f92c (diff)