diff options
| author | Paul Buetow <paul@buetow.org> | 2026-01-09 14:42:22 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-01-09 14:42:22 +0200 |
| commit | 4376ee1d390368d1ea0ab4e8bfb3356c11e18e7d (patch) | |
| tree | 634f514c019b28d64b5192975e3288a0595114e1 | |
| parent | eae27de6c6b63a830f0ee23b155d94a9fe82c255 (diff) | |
Add SETGID and SETUID capabilities to git-server
SSH privilege separation requires setgroups() and setuid() syscalls.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
| -rw-r--r-- | f3s/git-server/helm-chart/templates/deployment.yaml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/f3s/git-server/helm-chart/templates/deployment.yaml b/f3s/git-server/helm-chart/templates/deployment.yaml index 6f38d88..2223d14 100644 --- a/f3s/git-server/helm-chart/templates/deployment.yaml +++ b/f3s/git-server/helm-chart/templates/deployment.yaml @@ -52,7 +52,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: ["ALL"] - add: ["SYS_CHROOT"] + add: ["SYS_CHROOT", "SETGID", "SETUID"] resources: requests: cpu: 50m |