Error when executing a hook behind multiple symlinks
Working on implementing gitlab-org/charts/gitlab#1687 (closed)
kubernetes configmap based volumes store the files behind 2 symlinks:
git@ibaum-gitlab-gitaly-0:~/custom_hooks/update.d$ ls -al
total 12
drwxrwsrwx 3 root git 4096 Nov 10 22:30 .
drwxr-xr-x 3 root root 4096 Nov 10 22:25 ..
drwxr-sr-x 2 root git 4096 Nov 10 22:30 ..2020_11_10_22_30_36.244441119
lrwxrwxrwx 1 root git 31 Nov 10 22:30 ..data -> ..2020_11_10_22_30_36.244441119
lrwxrwxrwx 1 root root 10 Nov 10 22:25 baz -> ..data/baz
git@ibaum-gitlab-gitaly-0:~/custom_hooks/update.d$
Trying to execute a hook in this instance results in an error:
time="2020-11-10T22:31:45Z" level=fatal msg="error when receiving data for \"update\": rpc error: code = Internal desc = GitCommand: start [/home/git/custom_hooks/update.d/..data refs/heads/master 0000000000000000000000000000000000000000 90b0e8ef4f9ba9923d29b1d91d46e9003310b969]: fork/exec /home/git/custom_hooks/update.d/..data: permission denied"
Verified on an omnibus-gitlab install that the second symlink is causing the issue
- Uncommented
gitlab_shell['custom_hooks_dir'] = "/opt/gitlab/embedded/service/gitlab-shell/hooks"
and rangitlab-ctl reconfigure
mkdir -p /opt/gitlab/embedded/service/gitlab-shell/hooks/update.d/
- Create a script
baz
in the above directory and make sure it is executable#!/bin/sh date >> /tmp/hook
- Commit a change to the repo and it succeeds
cd /opt/gitlab/embedded/service/gitlab-shell/hooks/update.d/
mkdir ..data
mv baz ..data/
ln -s ..data/baz .
- Commit a change to the repo, and it still succeeds
mkdir ..anotherdir
mv ..data/baz ..anotherdir/
rm -rf ..data
ln -s ..anotherdir ..data
- Commit a new change to the repo, and get the above error