Files
forgejo/forgejo.sysusers
Richard Rahl e62e31f00f - move permissions of the log dir and the data dir
from forgejo:forgejo u=rwX,g=rwX,o=
  to   forgejo:forgejo u=rwX,g=rX,o=

- update apparmor profile to a profile that is less broad.

- create all directories before actually installing files

- make the HOME dir in the service file the same as the user
- migrate existing authorized keys files
  from %{_datadir}/%{name}/.ssh/authorized_keys
  to   %{_sharedstatedir}/%{name}/data/home/.ssh/authorized_keys

- fix file list to lock down permissions more

- don't require the apparmor subpackage when apparmor is installed
  the current profile is rather bad and it should be possible to
  keep it out.

- user should actually use /var/lib/forgejo/data/home

OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/forgejo?expand=0&rev=53
2025-03-11 12:47:50 +00:00

4 lines
114 B
Plaintext

# Type Name ID GECOS [HOME] Shell
g forgejo - - -
u forgejo - "Forgejo" /var/lib/forgejo/data/home /usr/bin/bash