INTERNAL_TOKEN_URI needlessly opened as RW #18655
Comments
|
But the logic is: if the file doesn't exist, Gitea will try to generate a new secret and write it into the file. |
|
Right, so gitea can try to open the file (RO), if ENOENT then create with
the content (and close it, it's not even needed to read the file then
anyway).
Imho if the file exists but doesn't contain the token gitea could just
error out (didn't go check if this marches the current behaviour), or could
try to re-open the file as RW as needed if that's the current behaviour for
"file present but empty" and you want to keep it.
(I'm not proposing a patch because I really have no expirience with go
(which is something I should fix..), and also because I don't have time to
try figure out how to build the project and test such change. )
…On Mon, 7 Feb 2022, 3:30 pm wxiaoguang, ***@***.***> wrote:
But the logic is: if the file doesn't exist, Gitea will try to generate a
new secret and write it into the file.
—
Reply to this email directly, view it on GitHub
<#18655 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAL7FE3TX4LK6ZJ4O22VVSTUZ7JPPANCNFSM5NXCWUKQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
- Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves go-gitea#18655
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves #18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
|
Thank you!! |
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves go-gitea#18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
|
Can #18657 be backported to 1.6? gitea 1.6.5 fails to start in kubernetes when |
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves go-gitea#18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
Will be released in v1.16.6 |
* Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves #18655 * Fix perm * Update setting.go * Update setting.go * Update setting.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
gitea/modules/setting/setting.go
Line 1039 in 7ce938b
Using
O_RDWRis not really useful here. I think that it should be possible to make it onlyO_RDONLY.I spotted this as I tried to make the file
0400and gitea failed to start.Thanks for considering.
The text was updated successfully, but these errors were encountered: