kubernetes
/
git-sync
mirror of https://github.com/kubernetes/git-sync.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add GIT_SYNC_ROOT change for non-root user in docs/ssh (#354) 

* Add GIT_SYNC_ROOT change for non-root user in docs/ssh

https://github.com/kubernetes/git-sync/pull/97\#issuecomment-800606819

* linewrap

* minor

* Add GIT_SYNC_ROOT change for non-root user in docs/ssh

https://github.com/kubernetes/git-sync/pull/97\#issuecomment-800606819

* linewrap

* minor

* minor
This commit is contained in:
Shubham Choudhary 2021-03-25 10:25:29 +05:30 committed by GitHub
parent f28d802e7c
commit 32828834a7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/ssh.md
View File

@ -106,7 +106,10 @@ that this is a Pod-wide setting, unlike the container `securityContext` above.
If you want git-sync to run as a different (non-root) UID and GID, you can If you want git-sync to run as a different (non-root) UID and GID, you can
change these last blocks to any UID/GID you like. SSH demands that the current change these last blocks to any UID/GID you like. SSH demands that the current
UID be present in /etc/passwd, so in this case you will need to add the UID be present in /etc/passwd, so in this case you will need to add the
`--add-user` flag to git-sync's args array. `--add-user` flag to git-sync's args array. Also, you need to change
`GIT_SYNC_ROOT` to some other location, say `/workspace`, instead of
`$HOME/git` as the `$HOME` will be `/` for the user and `GIT_SYNC_ROOT` will
end up in `//git` which which the non-root user can't create.
**Note:** Kubernetes mounts the Secret with permissions 0444 by default (not **Note:** Kubernetes mounts the Secret with permissions 0444 by default (not
restrictive enough to be used as an SSH key), so make sure you set the restrictive enough to be used as an SSH key), so make sure you set the