github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-09 12:46:42 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

Gitea is not supposed to be run as root (1.20.0-rc1) #11100

New Issue
Closed
opened 2025-11-02 09:27:34 -06:00 by GiteaMirror · 8 comments
GiteaMirror commented 2025-11-02 09:27:34 -06:00
Owner
Copy Link

Originally created by @lonix1 on GitHub (Jun 25, 2023).

Description

Latest stable
$ docker run --rm -it -p 3000:3000 -p 22:22 -v ./data:/data gitea/gitea:1.19.3

Server listening on :: port 22.
Server listening on 0.0.0.0 port 22.
2023/06/25 01:52:46 cmd/web.go:105:runWeb() [I] Starting Gitea on PID: 17
2023/06/25 01:52:46 ...s/install/setting.go:21:PreloadSettings() [I] AppPath: /usr/local/bin/gitea
2023/06/25 01:52:46 ...s/install/setting.go:22:PreloadSettings() [I] AppWorkPath: /app/gitea
2023/06/25 01:52:46 ...s/install/setting.go:23:PreloadSettings() [I] Custom path: /data/gitea
2023/06/25 01:52:46 ...s/install/setting.go:24:PreloadSettings() [I] Log path: /data/gitea/log
2023/06/25 01:52:46 ...s/install/setting.go:25:PreloadSettings() [I] Configuration file: /data/gitea/conf/app.ini
2023/06/25 01:52:46 ...s/install/setting.go:26:PreloadSettings() [I] Prepare to run install page
2023/06/25 01:52:46 ...s/install/setting.go:29:PreloadSettings() [I] SQLite3 is supported
2023/06/25 01:52:46 cmd/web.go:220:listen() [I] [64979dee-6] Listen: http://0.0.0.0:3000
2023/06/25 01:52:46 cmd/web.go:224:listen() [I] [64979dee-6] AppURL(ROOT_URL): http://localhost:3000/
2023/06/25 01:52:46 ...s/graceful/server.go:62:NewServer() [I] [64979dee-6] Starting new Web server: tcp:0.0.0.0:3000 on PID: 17

Latest RC
docker run --rm -it -p 3000:3000 -p 22:22 -v ./data:/data gitea/gitea:1.20.0-rc1

Server listening on :: port 22.
Server listening on 0.0.0.0 port 22.
2023/06/25 01:54:12 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission
2023/06/25 01:54:12 cmd/web.go:227:runWeb() [I] Starting Gitea on PID: 17
2023/06/25 01:54:12 cmd/web.go:105:serveInstall() [I] Gitea version: 1.20.0+rc1 built with GNU Make 4.4.1, go1.20.5 : bindata, timetzdata, sqlite, sqlite_unlock_notify
2023/06/25 01:54:12 cmd/web.go:106:serveInstall() [I] App path: /usr/local/bin/gitea
2023/06/25 01:54:12 cmd/web.go:107:serveInstall() [I] Work path: /app/gitea
2023/06/25 01:54:12 cmd/web.go:108:serveInstall() [I] Custom path: /data/gitea
2023/06/25 01:54:12 cmd/web.go:109:serveInstall() [I] Config file: /data/gitea/conf/app.ini
2023/06/25 01:54:12 cmd/web.go:110:serveInstall() [I] Prepare to run install page
2023/06/25 01:54:13 cmd/web.go:289:listen() [I] Listen: http://0.0.0.0:3000
2023/06/25 01:54:13 cmd/web.go:293:listen() [I] AppURL(ROOT_URL): http://localhost:3000/
2023/06/25 01:54:13 ...s/graceful/server.go:62:NewServer() [I] Starting new Web server: tcp:0.0.0.0:3000 on PID: 17

No errors for 1.19.3, but for 1.20.0-rc1:

2023/06/25 01:54:12 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the cap_net_bind_service permission

Gitea Version

1.20.0-rc1

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

linux

How are you running Gitea?

docker

Database

SQLite

Originally created by @lonix1 on GitHub (Jun 25, 2023). ### Description Latest stable `$ docker run --rm -it -p 3000:3000 -p 22:22 -v ./data:/data gitea/gitea:1.19.3` ```console Server listening on :: port 22. Server listening on 0.0.0.0 port 22. 2023/06/25 01:52:46 cmd/web.go:105:runWeb() [I] Starting Gitea on PID: 17 2023/06/25 01:52:46 ...s/install/setting.go:21:PreloadSettings() [I] AppPath: /usr/local/bin/gitea 2023/06/25 01:52:46 ...s/install/setting.go:22:PreloadSettings() [I] AppWorkPath: /app/gitea 2023/06/25 01:52:46 ...s/install/setting.go:23:PreloadSettings() [I] Custom path: /data/gitea 2023/06/25 01:52:46 ...s/install/setting.go:24:PreloadSettings() [I] Log path: /data/gitea/log 2023/06/25 01:52:46 ...s/install/setting.go:25:PreloadSettings() [I] Configuration file: /data/gitea/conf/app.ini 2023/06/25 01:52:46 ...s/install/setting.go:26:PreloadSettings() [I] Prepare to run install page 2023/06/25 01:52:46 ...s/install/setting.go:29:PreloadSettings() [I] SQLite3 is supported 2023/06/25 01:52:46 cmd/web.go:220:listen() [I] [64979dee-6] Listen: http://0.0.0.0:3000 2023/06/25 01:52:46 cmd/web.go:224:listen() [I] [64979dee-6] AppURL(ROOT_URL): http://localhost:3000/ 2023/06/25 01:52:46 ...s/graceful/server.go:62:NewServer() [I] [64979dee-6] Starting new Web server: tcp:0.0.0.0:3000 on PID: 17 ``` Latest RC `docker run --rm -it -p 3000:3000 -p 22:22 -v ./data:/data gitea/gitea:1.20.0-rc1` ```console Server listening on :: port 22. Server listening on 0.0.0.0 port 22. 2023/06/25 01:54:12 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission 2023/06/25 01:54:12 cmd/web.go:227:runWeb() [I] Starting Gitea on PID: 17 2023/06/25 01:54:12 cmd/web.go:105:serveInstall() [I] Gitea version: 1.20.0+rc1 built with GNU Make 4.4.1, go1.20.5 : bindata, timetzdata, sqlite, sqlite_unlock_notify 2023/06/25 01:54:12 cmd/web.go:106:serveInstall() [I] App path: /usr/local/bin/gitea 2023/06/25 01:54:12 cmd/web.go:107:serveInstall() [I] Work path: /app/gitea 2023/06/25 01:54:12 cmd/web.go:108:serveInstall() [I] Custom path: /data/gitea 2023/06/25 01:54:12 cmd/web.go:109:serveInstall() [I] Config file: /data/gitea/conf/app.ini 2023/06/25 01:54:12 cmd/web.go:110:serveInstall() [I] Prepare to run install page 2023/06/25 01:54:13 cmd/web.go:289:listen() [I] Listen: http://0.0.0.0:3000 2023/06/25 01:54:13 cmd/web.go:293:listen() [I] AppURL(ROOT_URL): http://localhost:3000/ 2023/06/25 01:54:13 ...s/graceful/server.go:62:NewServer() [I] Starting new Web server: tcp:0.0.0.0:3000 on PID: 17 ``` No errors for `1.19.3`, but for `1.20.0-rc1`: > 2023/06/25 01:54:12 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission ### Gitea Version 1.20.0-rc1 ### Can you reproduce the bug on the Gitea demo site? No ### Log Gist _No response_ ### Screenshots _No response_ ### Git Version _No response_ ### Operating System linux ### How are you running Gitea? docker ### Database SQLite
GiteaMirror added the type/bug label 2025-11-02 09:27:34 -06:00
GiteaMirror commented 2025-11-02 09:27:35 -06:00
Author
Owner
Copy Link

@wxiaoguang commented on GitHub (Jun 25, 2023):

Please try 1.20 nightly. It has been fixed by

(there will be a rc2 soon)

@wxiaoguang commented on GitHub (Jun 25, 2023): Please try 1.20 nightly. It has been fixed by * https://github.com/go-gitea/gitea/pull/25488 (there will be a rc2 soon)
GiteaMirror commented 2025-11-02 09:27:35 -06:00
Author
Owner
Copy Link

@lunny commented on GitHub (Jun 26, 2023):

Now you can also use 1.20.0-rc2

@lunny commented on GitHub (Jun 26, 2023): Now you can also use 1.20.0-rc2
GiteaMirror commented 2025-11-02 09:27:36 -06:00
Author
Owner
Copy Link

@JohnnyZhang0628 commented on GitHub (Aug 10, 2023):

Hello,I have a same question.Gitea version is 1.20.2.

5169aa85df2d:/# gitea -v
Gitea version 1.20.2 built with GNU Make 4.4.1, go1.20.6 : bindata, timetzdata, sqlite, sqlite_unlock_notify
5169aa85df2d:/# gitea doctor check
2023/08/10 08:53:12 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission
@JohnnyZhang0628 commented on GitHub (Aug 10, 2023): Hello,I have a same question.Gitea version is 1.20.2. ``` 5169aa85df2d:/# gitea -v Gitea version 1.20.2 built with GNU Make 4.4.1, go1.20.6 : bindata, timetzdata, sqlite, sqlite_unlock_notify 5169aa85df2d:/# gitea doctor check 2023/08/10 08:53:12 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission ```
GiteaMirror commented 2025-11-02 09:27:36 -06:00
Author
Owner
Copy Link

@lunny commented on GitHub (Aug 10, 2023):

Run as a plain user.

@lunny commented on GitHub (Aug 10, 2023): Run as a plain user.
GiteaMirror commented 2025-11-02 09:27:36 -06:00
Author
Owner
Copy Link

@JohnnyZhang0628 commented on GitHub (Aug 11, 2023):

Run as a plain user.

@lunny It not work .I create user zq. I add zq to docker group. What should i do

[zq@iZuf66sx2smhrg4iqbxht1Z root]$  docker run -d  --restart=always --name=gitea -p 222:22 -p 3000:3000 -v /var/gitea:/data gitea/gitea 
6e6a83109e586966ab49e4f9045060f66223f993eeb864ed9cde17e7212afd77
[zq@iZuf66sx2smhrg4iqbxht1Z root]$ docker exec -it gitea /bin/bash
6e6a83109e58:/# gitea doctor check
2023/08/11 01:45:07 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission
6e6a83109e58:/# exit
exit
@JohnnyZhang0628 commented on GitHub (Aug 11, 2023): > Run as a plain user. @lunny It not work .I create user zq. I add zq to docker group. What should i do ``` [zq@iZuf66sx2smhrg4iqbxht1Z root]$ docker run -d --restart=always --name=gitea -p 222:22 -p 3000:3000 -v /var/gitea:/data gitea/gitea 6e6a83109e586966ab49e4f9045060f66223f993eeb864ed9cde17e7212afd77 [zq@iZuf66sx2smhrg4iqbxht1Z root]$ docker exec -it gitea /bin/bash 6e6a83109e58:/# gitea doctor check 2023/08/11 01:45:07 ...s/setting/setting.go:180:loadRunModeFrom() [F] Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission 6e6a83109e58:/# exit exit ```
GiteaMirror commented 2025-11-02 09:27:36 -06:00
Author
Owner
Copy Link

@lunny commented on GitHub (Aug 11, 2023):

You used root in the container.

@lunny commented on GitHub (Aug 11, 2023): You used root in the container.
GiteaMirror commented 2025-11-02 09:27:37 -06:00
Author
Owner
Copy Link

@lonix1 commented on GitHub (Aug 11, 2023):

@JohnnyZhang0628 docker run ... -u username ...
Where username is not root.

@lonix1 commented on GitHub (Aug 11, 2023): @JohnnyZhang0628 `docker run ... -u username ...` Where `username` is not `root`.
GiteaMirror commented 2025-11-02 09:27:37 -06:00
Author
Owner
Copy Link

@qiaofeng1227 commented on GitHub (Sep 13, 2023):

Just need to change user at your Gitea container

su git gitea help
@qiaofeng1227 commented on GitHub (Sep 13, 2023): Just need to change user at your Gitea container ``` su git gitea help ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label type/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#11100
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?