i have a little problem with an self hosted gitlab instance i manage. The problem is the folowing: were using fapolicy on redhat systems for enhanced security in our infrastructure. fapolicy checks if the system is allowed to run binarys and it checks the binarys if they got manipulted and checks these with an hash code. Everythings looks like it works fine beside of creating commits inside the web ide (were at the implementation phase of gitlab and dont use it productive at the moment, so other things could be broken too and i simply dont know it). When the web ide want to make a commit, it want to run PATH/TO/FILE/gitaly-RANDOMNUMBER/gitaly-git2go of the filesystem and because fapolicy dont know the binary its dont let it executed.
Yes i can add these binary as executen allowed in fapolicy but everytime gitlab restarts, the folder where the gitaly-git2go binarys lays get an other name… i had the workaround to add fapolicy commands into the systemd file of gitlab as post execute commands to clear the database and readd the new folder structure to the allowed binarys rules, but yesterday the systemd file got reset (while i done config settings i think) so i dont want to use these workaround anymore. because of that i disabled fapolicy for the moment but dont want to let it deactivated.
I cant belive that im the only user to experience these problem but i dont find anywhere any instructions or issues or anything how to handle these problem…
If something is not understandable please let me know and i will try to explain it again. here the error message i get when i want to make a commit with the web ide:
I hope someone can help me, or at least says me what kind of issue i should open in the gitlab issue tracker…