Permission error 0700 not 2770 on reconfigure using remote windows share
Summary
Git-data directory cannot be set to a mounted Windows Server share on Raspberry Pi due to permissions error
Steps to reproduce
- Install gitlab on Raspberry Pi
- Mount Windows Server share to /mnt/AZLSERV/git-data using:
sudo mount -t cifs //server/folder /mnt/AZLSERV/git-data/ -o user=***,pass=****,uid=git,gid=gitfile_mode=0700,dir_mode=0700
Example Project
What is the current bug behavior?
Gitlab throws a permission error that the "repositories" folder is not 2770 but 0700
What is the expected correct behavior?
Gitlab reconfigures correctly
Relevant logs and/or screenshots
sudo gitlab-ctl reconfigure
Starting Chef Client, version 13.6.4
resolving cookbooks for run list: ["gitlab"]
Synchronizing Cookbooks:
- gitlab (0.0.1)
- package (0.1.0)
- postgresql (0.1.0)
- redis (0.1.0)
- registry (0.1.0)
- mattermost (0.1.0)
- consul (0.0.0)
- gitaly (0.1.0)
- letsencrypt (0.1.0)
- nginx (0.1.0)
- runit (0.14.2)
- acme (3.1.0)
- crond (0.1.0)
- compat_resource (12.19.0)
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: gitlab::default
* directory[/etc/gitlab] action create (up to date)
Converging 445 resources
* directory[/etc/gitlab] action create (up to date)
* directory[Create /var/opt/gitlab] action create (up to date)
* directory[/opt/gitlab/embedded/etc] action create (up to date)
* template[/opt/gitlab/embedded/etc/gitconfig] action create (up to date)
Recipe: gitlab::web-server
* account[Webserver user and group] action create
* group[Webserver user and group] action create (up to date)
* linux_user[Webserver user and group] action create (up to date)
(up to date)
Recipe: gitlab::users
* directory[/var/opt/gitlab] action create (up to date)
* account[GitLab user and group] action create
* group[GitLab user and group] action create (up to date)
* linux_user[GitLab user and group] action create (up to date)
(up to date)
* template[/var/opt/gitlab/.gitconfig] action create (up to date)
* directory[/var/opt/gitlab/.bundle] action create (up to date)
Recipe: gitlab::gitlab-shell
* storage_directory[/var/opt/gitlab/.ssh] action create
* ruby_block[directory resource: /var/opt/gitlab/.ssh] action run (skipped due to not_if)
(up to date)
* directory[/var/log/gitlab/gitlab-shell/] action create (up to date)
* directory[/var/opt/gitlab/gitlab-shell] action create (up to date)
* templatesymlink[Create a config.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-shell/config.yml] action create (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml] action create (up to date)
(up to date)
* link[/opt/gitlab/embedded/service/gitlab-shell/.gitlab_shell_secret] action create (up to date)
* execute[/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions] action run
- execute /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions
* bash[Set proper security context on ssh files for selinux] action run (skipped due to only_if)
Recipe: gitlab::gitlab-rails
* storage_directory[/var/opt/gitlab/git_data] action create
* ruby_block[directory resource: /var/opt/gitlab/git_data] action run (skipped due to not_if)
(up to date)
* storage_directory[/mnt/AZLSERV/git-data] action create
* ruby_block[directory resource: /mnt/AZLSERV/git-data] action run (skipped due to not_if)
(up to date)
* storage_directory[/var/opt/gitlab/git_data/repositories] action create
* ruby_block[directory resource: /var/opt/gitlab/git_data/repositories] action run (skipped due to not_if)
(up to date)
* storage_directory[/mnt/AZLSERV/git-data/repositories] action create
* ruby_block[directory resource: /mnt/AZLSERV/git-data/repositories] action run
================================================================================
Error executing action `run` on resource 'ruby_block[directory resource: /mnt/AZLSERV/git-data/repositories]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Failed asserting that mode permissions on "/mnt/AZLSERV/git-data/repositories" is 2770
---- Begin output of set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] ----
STDOUT:
STDERR: + grep -o ....$
+ readlink -f /mnt/AZLSERV/git-data/repositories
+ stat --printf=%04a /mnt/AZLSERV/git-data/repositories
+ [ 0700 = 2770 ]
---- End output of set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] ----
Ran set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] returned 1
Cookbook Trace:
---------------
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:125:in `validate_command'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:113:in `block in validate'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:112:in `each_index'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:112:in `validate'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:87:in `validate!'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb:42:in `block (3 levels) in class_from_file'
Resource Declaration:
---------------------
# In /opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb
33: ruby_block "directory resource: #{new_resource.path}" do
34: block do
35: # Ensure the directory exists
36: storage_helper.ensure_directory_exists(new_resource.path)
37:
38: # Ensure the permissions are set
39: storage_helper.ensure_permissions_set(new_resource.path)
40:
41: # Error out if we have not achieved the target permissions
42: storage_helper.validate!(new_resource.path)
43: end
44: not_if { storage_helper.validate(new_resource.path) }
45: end
46: end
Compiled Resource:
------------------
# Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb:33:in `block in class_from_file'
ruby_block("directory resource: /mnt/AZLSERV/git-data/repositories") do
action [:run]
default_guard_interpreter :default
block_name "directory resource: /mnt/AZLSERV/git-data/repositories"
declared_type :ruby_block
cookbook_name "gitlab"
block #<Proc:0x026544d8@/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb:34>
not_if { #code block }
end
System Info:
------------
chef_version=13.6.4
platform=raspbian
platform_version=9.6
ruby=ruby 2.4.5p335 (2018-10-18 revision 65137) [armv7l-linux-eabihf]
program_name=/opt/gitlab/embedded/bin/chef-client
executable=/opt/gitlab/embedded/bin/chef-client
================================================================================
Error executing action `create` on resource 'storage_directory[/mnt/AZLSERV/git-data/repositories]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
ruby_block[directory resource: /mnt/AZLSERV/git-data/repositories] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb line 33) had an error: Mixlib::ShellOut::ShellCommandFailed: Failed asserting that mode permissions on "/mnt/AZLSERV/git-data/repositories" is 2770
---- Begin output of set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] ----
STDOUT:
STDERR: + grep -o ....$
+ readlink -f /mnt/AZLSERV/git-data/repositories
+ stat --printf=%04a /mnt/AZLSERV/git-data/repositories
+ [ 0700 = 2770 ]
---- End output of set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] ----
Ran set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] returned 1
Cookbook Trace:
---------------
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:125:in `validate_command'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:113:in `block in validate'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:112:in `each_index'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:112:in `validate'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/libraries/storage_directory_helper.rb:87:in `validate!'
/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb:42:in `block (3 levels) in class_from_file'
Resource Declaration:
---------------------
# In /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/gitlab-rails.rb
55: storage_directory repositories_storage['path'] do
56: owner gitlab_user
57: mode "2770"
58: end
59: end
Compiled Resource:
------------------
# Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/gitlab-rails.rb:55:in `block in from_file'
storage_directory("/mnt/AZLSERV/git-data/repositories") do
action [:create]
default_guard_interpreter :default
declared_type :storage_directory
cookbook_name "gitlab"
recipe_name "gitlab-rails"
owner "git"
mode "2770"
path "/mnt/AZLSERV/git-data/repositories"
end
System Info:
------------
chef_version=13.6.4
platform=raspbian
platform_version=9.6
ruby=ruby 2.4.5p335 (2018-10-18 revision 65137) [armv7l-linux-eabihf]
program_name=/opt/gitlab/embedded/bin/chef-client
executable=/opt/gitlab/embedded/bin/chef-client
Running handlers:
There was an error running gitlab-ctl reconfigure:
storage_directory[/mnt/AZLSERV/git-data/repositories] (gitlab::gitlab-rails line 55) had an error: Mixlib::ShellOut::ShellCommandFailed: ruby_block[directory resource: /mnt/AZLSERV/git-data/repositories] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/package/resources/storage_directory.rb line 33) had an error: Mixlib::ShellOut::ShellCommandFailed: Failed asserting that mode permissions on "/mnt/AZLSERV/git-data/repositories" is 2770
---- Begin output of set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] ----
STDOUT:
STDERR: + grep -o ....$
+ readlink -f /mnt/AZLSERV/git-data/repositories
+ stat --printf=%04a /mnt/AZLSERV/git-data/repositories
+ [ 0700 = 2770 ]
---- End output of set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] ----
Ran set -x && [ "$(stat --printf='%04a' $(readlink -f /mnt/AZLSERV/git-data/repositories) | grep -o '....$')" = '2770' ] returned 1
Running handlers complete
Chef Client failed. 1 resources updated in 37 seconds
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:env:info
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
)
Results of GitLab application Check
System information
System: Raspbian 9.6
Current User: git
Using RVM: no
Ruby Version: 2.4.5p335
Gem Version: 2.7.6
Bundler Version:1.16.6
Rake Version: 12.3.1
Redis Version: 3.2.12
Git Version: 2.18.1
Sidekiq Version:5.2.1
Go Version: unknown
GitLab information
Version: 11.5.0-rc12
Revision: 079c6a1
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: postgresql
URL: http://azlgit.local
HTTP Clone URL: http://azlgit.local/some-group/some-project.git
SSH Clone URL: git@azlgit.local:some-group/some-project.git
Using LDAP: no
Using Omniauth: yes
Omniauth Providers:
GitLab Shell
Version: 8.4.1
Repository storage paths:
- default: /var/opt/gitlab/git_data/repositories
- server: /var/opt/gitlab/git-data/repositories
Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks
Git: /opt/gitlab/embedded/bin/git
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)