Control: found -1 8.4.3+dfsg-6 Hi,
Quoting Debian Bug Tracking System (2016-02-13 18:24:16) > This is an automatic notification regarding your Bug report > which was filed against the gitlab package: > > #814476: gitlab writes into /usr/share/gitlab during operation > > It has been closed by Pirate Praveen <prav...@debian.org>. sorry but this bug is still not fixed. As you can read in my initial report, this bug is about violation of Debian policy ยง9.1.1 and gitlab is still writing files into /usr/share/gitlab during operation or stores host-specific configuration in /usr/share/gitlab. Let me quote chapter 4 of the FHS again: "/usr is the second major section of the filesystem. /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts and must not be written to. Any information that is host-specific or varies with time is stored elsewhere." Since you seem to have thought that only the log files were a problem, here are some more offenders: - /usr/share/gitlab/.ssh/authorized_keys - /usr/share/gitlab/.secret - /usr/share/gitlab/config/database.yml - /usr/share/gitlab/config/gitlab.yml - /usr/share/gitlab/config/resque.yml - /usr/share/gitlab/config/secrets.yml - /usr/share/gitlab/config/unicorn.rb - /usr/share/gitlab/Gemfile.lock - /usr/share/gitlab/.gitconfig - /usr/share/gitlab/.gitlab_shell_secret - /usr/share/gitlab/information_schema - /usr/share/gitlab/public/uploads - /usr/share/gitlab/.secret - /usr/share/gitlab/shared/cache/archive/ - /usr/share/gitlab/.ssh A possible offender might be /usr/share/gitlab/public/assets/. I do not know whether this content is host and/or configuration specific or not. I think one big problem is, that you set the home directory of the gitlab user to /usr/share/gitlab. But user's home directories are definitely host-specific and thus it would violate the FHS to store them in /usr. Also, it can be usually expected that one has write access to the home directory but according to the FHS, /usr might be mounted read-only during operation. So maybe you should move the home directory to something host specific like something in /var. The second problem is, that there are still lots of configuration files in /usr/share/gitlab. But configurations are host-specific and should be in /etc or also in /var in certain cases. Lastly, there seem to be upload and cache directories in /usr/share/gitlab which definitely mustn't be there, like /usr/share/gitlab/public/uploads or /usr/share/gitlab/shared/cache/archive/. Thanks! cheers, josch
signature.asc
Description: signature