Disable jailing mechanism by default
Release notes
We disable the jailing mechanism for GitLab Pages by default. The main reason for this is that many users complain that it causes a lot of problems after upgrading to 14.0. It also lost it relevance since we stopped serving directly from the disk starting from 14.0. You can still [enable jailing back](LINK TO gitlab!65791 (diffs) ONCE IT'S MERGED) if disabling it will break something for you. In that case please reach to us on the feedback issue.
Background
Starting from GitLab 14.1 the jailing/chroot mechanism is disabled by default. If you are using API-based configuration and the new Zip storage architecture there is nothing you need to do.
If you run into any problems please open a new issue and enable the jail again by setting the environment variable:
-
Edit
/etc/gitlab/gitlab.rb
. -
Set the
DAEMON_ENABLE_JAIL
environment variable totrue
for GitLab Pages:gitlab_pages['env']['DAEMON_ENABLE_JAIL'] = "true"
Disabling the jail will hopefully fix a bunch of issues related to DNS resolution when running Pages inside a Docker container and ease the transition to the new Pages architecture.
Per @vshushlin suggestion #589 (comment 618738893)
- Add
daemon-enable-jail
flag to Pages available for source installations - For Omnibus installations, you can enable this by setting the following environment variable in your
/etc/gitlab/gitlab.rb
file
gitlab_pages['env']['DAEMON_ENABLE_JAIL'] = "true"