Make .ssh directory world-readable for SELinux compatibility

SELinux prevents root from accessing 700 directories in some contexts. Use 755 for directory and 644 for authorized_keys to allow access. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
author: Paul Buetow <paul@buetow.org> 2026-01-09 16:03:02 +0200
committer: Paul Buetow <paul@buetow.org> 2026-01-09 16:03:02 +0200
commit: 8197e3f9c1b89bc499f5ac070a706b0ff9ee89ab (patch)
tree: f1aab9fd3ac8e9b6c728cb9790e42728cb9dd520 /f3s/git-server
parent: fc28ffa7366c6771c090a033ca0c7d1ec2a061c0 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/f3s/git-server/helm-chart/templates/deployment.yaml b/f3s/git-server/helm-chart/templates/deployment.yaml
index e48fc8e..7a7ed57 100644
--- a/f3s/git-server/helm-chart/templates/deployment.yaml
+++ b/f3s/git-server/helm-chart/templates/deployment.yaml
@@ -29,8 +29,8 @@ spec:
           # The /ssh-git mount point IS the .ssh directory
           cp /ssh-keys-secret/authorized_keys /ssh-git/authorized_keys
           chown -R 1000:1000 /ssh-git
-          chmod 700 /ssh-git
-          chmod 600 /ssh-git/authorized_keys
+          chmod 755 /ssh-git
+          chmod 644 /ssh-git/authorized_keys
         volumeMounts:
         - name: ssh-host-keys
           mountPath: /ssh-init
author	Paul Buetow <paul@buetow.org>	2026-01-09 16:03:02 +0200
committer	Paul Buetow <paul@buetow.org>	2026-01-09 16:03:02 +0200
commit	8197e3f9c1b89bc499f5ac070a706b0ff9ee89ab (patch)
tree	f1aab9fd3ac8e9b6c728cb9790e42728cb9dd520 /f3s/git-server
parent	fc28ffa7366c6771c090a033ca0c7d1ec2a061c0 (diff)