-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
INTERNAL_TOKEN_URI needlessly opened as RW #18655
Comments
But the logic is: if the file doesn't exist, Gitea will try to generate a new secret and write it into the file. |
Right, so gitea can try to open the file (RO), if ENOENT then create with
the content (and close it, it's not even needed to read the file then
anyway).
Imho if the file exists but doesn't contain the token gitea could just
error out (didn't go check if this marches the current behaviour), or could
try to re-open the file as RW as needed if that's the current behaviour for
"file present but empty" and you want to keep it.
(I'm not proposing a patch because I really have no expirience with go
(which is something I should fix..), and also because I don't have time to
try figure out how to build the project and test such change. )
…On Mon, 7 Feb 2022, 3:30 pm wxiaoguang, ***@***.***> wrote:
But the logic is: if the file doesn't exist, Gitea will try to generate a
new secret and write it into the file.
—
Reply to this email directly, view it on GitHub
<#18655 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAL7FE3TX4LK6ZJ4O22VVSTUZ7JPPANCNFSM5NXCWUKQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
- Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves go-gitea#18655
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves #18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <[email protected]> Co-authored-by: zeripath <[email protected]>
Thank you!! |
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves go-gitea#18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <[email protected]> Co-authored-by: zeripath <[email protected]>
Can #18657 be backported to 1.6? gitea 1.6.5 fails to start in kubernetes when |
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves go-gitea#18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <[email protected]> Co-authored-by: zeripath <[email protected]>
Will be released in v1.16.6 |
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves #18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <[email protected]> Co-authored-by: zeripath <[email protected]> Co-authored-by: Gusted <[email protected]> Co-authored-by: wxiaoguang <[email protected]> Co-authored-by: zeripath <[email protected]>
gitea/modules/setting/setting.go
Line 1039 in 7ce938b
Using
O_RDWR
is not really useful here. I think that it should be possible to make it onlyO_RDONLY
.I spotted this as I tried to make the file
0400
and gitea failed to start.Thanks for considering.
The text was updated successfully, but these errors were encountered: