From 9ca7d3014f1025e682fbfd57c124750ca5161fab Mon Sep 17 00:00:00 2001 From: Guan Gui Date: Wed, 21 Dec 2016 16:31:52 +1100 Subject: [PATCH 1/2] Added escape for angle brackets in email_from This solved the "[ERROR] [password.go:83]: Send email failed: 555 5.5.2 Syntax error. b192sm9510409pga.30 - gsmtp" error. --- docs/installation_guide.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/installation_guide.md b/docs/installation_guide.md index f5bc43156..5fd885df0 100644 --- a/docs/installation_guide.md +++ b/docs/installation_guide.md @@ -56,7 +56,7 @@ The parameters are described below - note that at the very least, you will need * email_server_port = 25 * email_username = sample_admin@mydomain.com * email_password = abc - * email_from = admin + * email_from = `admin \` * email_ssl = false * **harbor_admin_password**: The administrator's initial password. This password only takes effect for the first time Harbor launches. After that, this setting is ignored and the administrator's password should be set in the UI. _Note that the default username/password are **admin/Harbor12345** ._ @@ -288,4 +288,4 @@ And run the following commands to restart Harbor: $ sudo docker-compose down $ sudo ./prepare $ sudo docker-compose up -d -``` \ No newline at end of file +``` From 8ab45d439b7b1affd6679248366e3b4a4f074a68 Mon Sep 17 00:00:00 2001 From: Aron Parsons Date: Wed, 1 Mar 2017 11:08:51 -0500 Subject: [PATCH 2/2] label volumes for SELinux allow Harbor to run when dockerd is running with --selinux-enabled example AVC denials: type=AVC msg=audit(1488384855.681:154671): avc: denied { read } for pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file type=AVC msg=audit(1488384855.681:154671): avc: denied { open } for pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file type=AVC msg=audit(1488384855.687:154672): avc: denied { append } for pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file type=AVC msg=audit(1488384856.895:154702): avc: denied { remove_name } for pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir type=AVC msg=audit(1488384856.926:154703): avc: denied { lock } for pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file type=AVC msg=audit(1488384857.958:154736): avc: denied { open } for pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file type=AVC msg=audit(1488384858.089:154737): avc: denied { read } for pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file type=AVC msg=audit(1488384858.089:154737): avc: denied { open } for pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file --- make/docker-compose.tpl | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/make/docker-compose.tpl b/make/docker-compose.tpl index dfe1cc8e9..2ea6d49f4 100644 --- a/make/docker-compose.tpl +++ b/make/docker-compose.tpl @@ -5,7 +5,7 @@ services: container_name: harbor-log restart: always volumes: - - /var/log/harbor/:/var/log/docker/ + - /var/log/harbor/:/var/log/docker/:z ports: - 1514:514 registry: @@ -13,8 +13,8 @@ services: container_name: registry restart: always volumes: - - /data/registry:/storage - - ./common/config/registry/:/etc/registry/ + - /data/registry:/storage:z + - ./common/config/registry/:/etc/registry/:z environment: - GODEBUG=netdns=cgo command: @@ -31,7 +31,7 @@ services: container_name: harbor-db restart: always volumes: - - /data/database:/var/lib/mysql + - /data/database:/var/lib/mysql:z env_file: - ./common/config/db/env depends_on: @@ -48,9 +48,9 @@ services: - ./common/config/ui/env restart: always volumes: - - ./common/config/ui/app.conf:/etc/ui/app.conf - - ./common/config/ui/private_key.pem:/etc/ui/private_key.pem - - /data:/harbor_storage + - ./common/config/ui/app.conf:/etc/ui/app.conf:z + - ./common/config/ui/private_key.pem:/etc/ui/private_key.pem:z + - /data:/harbor_storage:z depends_on: - log logging: @@ -65,8 +65,8 @@ services: - ./common/config/jobservice/env restart: always volumes: - - /data/job_logs:/var/log/jobs - - ./common/config/jobservice/app.conf:/etc/jobservice/app.conf + - /data/job_logs:/var/log/jobs:z + - ./common/config/jobservice/app.conf:/etc/jobservice/app.conf:z depends_on: - ui logging: @@ -79,7 +79,7 @@ services: container_name: nginx restart: always volumes: - - ./common/config/nginx:/etc/nginx + - ./common/config/nginx:/etc/nginx:z ports: - 80:80 - 443:443