diff options
| author | Ismo Toijala <ismo.toijala@gmail.com> | 2021-01-21 12:36:05 +0300 |
|---|---|---|
| committer | Vladimir Shushlin <vshushlin@gitlab.com> | 2021-01-21 12:36:05 +0300 |
| commit | c3acce207191b9b27ef7af1344b965a83c2a6a80 (patch) | |
| tree | 66e8fdfc32486e9fa50ddef0c2378c085e9231f8 /README.md | |
| parent | 8617aaebb1e45b9c222f3c67f93112d7dc37ad61 (diff) | |
Include /etc/hosts in chroot jail
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -91,7 +91,7 @@ as. The daemon starts listening on ports and reads certificates as root, then re-executes itself as the specified user. When re-executing it creates a chroot jail -containing a copy of its own binary, `/etc/resolv.conf`, and a bind mount of `pages-root`. +containing a copy of its own binary, `/etc/hosts`, `/etc/resolv.conf`, and a bind mount of `pages-root`. When `-artifacts-server` points to an HTTPS URL we also need a list of certificates for the trusted Certification Authorities to copy inside the jail. @@ -109,7 +109,7 @@ $ sudo ./gitlab-pages -listen-http ":80" -pages-root path/to/gitlab/shared/pages #### Caveats -The `/etc/resolv.conf` file, and any file pointed to by the `SSL_CERT_FILE` +The `/etc/hosts` and `/etc/resolv.conf` files, and any file pointed to by the `SSL_CERT_FILE` environment variable, will be copied into the jail. As a result, changes to these files will not be reflected in Pages until it's restarted. |