From 32828834a7a0f6c77d7ffb565a071afddce536b8 Mon Sep 17 00:00:00 2001 From: Shubham Choudhary Date: Thu, 25 Mar 2021 10:25:29 +0530 Subject: [PATCH] Add GIT_SYNC_ROOT change for non-root user in docs/ssh (#354) * Add GIT_SYNC_ROOT change for non-root user in docs/ssh https://github.com/kubernetes/git-sync/pull/97\#issuecomment-800606819 * linewrap * minor * Add GIT_SYNC_ROOT change for non-root user in docs/ssh https://github.com/kubernetes/git-sync/pull/97\#issuecomment-800606819 * linewrap * minor * minor --- docs/ssh.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/ssh.md b/docs/ssh.md index a191834..014a66b 100644 --- a/docs/ssh.md +++ b/docs/ssh.md @@ -106,7 +106,10 @@ that this is a Pod-wide setting, unlike the container `securityContext` above. If you want git-sync to run as a different (non-root) UID and GID, you can change these last blocks to any UID/GID you like. SSH demands that the current UID be present in /etc/passwd, so in this case you will need to add the -`--add-user` flag to git-sync's args array. +`--add-user` flag to git-sync's args array. Also, you need to change +`GIT_SYNC_ROOT` to some other location, say `/workspace`, instead of +`$HOME/git` as theĀ `$HOME` will be `/` for the user and `GIT_SYNC_ROOT` will +end up in `//git` which which the non-root user can't create. **Note:** Kubernetes mounts the Secret with permissions 0444 by default (not restrictive enough to be used as an SSH key), so make sure you set the