Forcibly resetting the GitLab administrator account password

To develop our operations and maintenance tools we use a self-hosted GitLab to manage all of our code. Sadly, I recently forgot the password of the administrator account, and since there is no mail server I cannot receive the password-recovery email, which makes it impossible to create new users or projects. Does that turn it into a code library that can "never be extended"? Is rebuilding the only option?

Rebuilding would solve the problem, but it is a bit crude. Fortunately, GitLab leaves a way to change the administrator password, which in a certain sense can be regarded as a backdoor.

Trying a variety of likely administrator passwords fails: all of them are rejected.

Trying the "forgot password" link does not help either: because no mail server is configured, GitLab reports that the mail was sent, but nothing ever arrives.

Next, try the "backdoor". First log in to the GitLab server and switch to the git user.

Open GitLab's Rails console (GitLab is written in Ruby on Rails).

Next, use `user = User.where(id: 1).first` to locate the user with id=1, which is the super administrator.

The output shows that the email address of the user with id=1 is admin@example.com, that the password is stored only in encrypted (hashed) form, and all of the user's other attributes, such as skype, linkedin, twitter, username, and so on.

We can also use `User.find_by(email: 'xxx')` to look up the user with a given email address.

Next, set a new password for this user.

Save the change; as you might guess, saving triggers an email notifying the user that the password was changed.

Log in again with the new password, and it works.
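The console session above was only captured in screenshots, so here is the same procedure written out as a script, as an added example that is not from the original post. On a real GitLab server the `User` model is provided by the application and the script would be run from the git user with `sudo gitlab-rails runner reset_admin.rb`; the `Demo::User` class below is a constructed stand-in so the script runs offline, using PBKDF2 from Ruby's standard library in place of the bcrypt hashing GitLab itself uses. The function `reset_admin_password`, the seed account and the passwords are all assumptions made for the example.

```ruby
# Added example: the Rails-console password reset described in the post,
# runnable offline against a constructed stand-in for GitLab's User model.
require 'openssl'
require 'securerandom'

module Demo
  # Minimal model mimicking the calls used in the post: where(id:), find_by(email:),
  # password= / password_confirmation=, save!, and Devise's valid_password?.
  # Constructed for this example; real GitLab uses ActiveRecord + Devise + bcrypt.
  class User
    ITERATIONS = 100_000
    attr_reader :id, :email, :username, :encrypted_password
    attr_accessor :password, :password_confirmation

    @@records = []

    def initialize(id:, email:, username:, password:)
      @id, @email, @username = id, email, username
      store_password(password)
      @@records << self
    end

    def self.where(id:)
      @@records.select { |u| u.id == id }
    end

    def self.find_by(email:)
      @@records.find { |u| u.email == email }
    end

    # What the console shows as "encrypted" password: only salt$hash is stored,
    # so the old password cannot be read back, it can only be replaced.
    def store_password(plain)
      salt = SecureRandom.hex(8)
      @encrypted_password = "#{salt}$#{derive(plain, salt)}"
    end

    def derive(plain, salt)
      OpenSSL::KDF.pbkdf2_hmac(plain, salt: salt, iterations: ITERATIONS,
                               length: 32, hash: 'sha256').unpack1('H*')
    end

    # Constant-time comparison so login checks do not leak hash prefixes by timing.
    def secure_equal?(a, b)
      return false unless a.bytesize == b.bytesize
      a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
    end

    def valid_password?(plain)
      salt, digest = @encrypted_password.split('$', 2)
      secure_equal?(derive(plain, salt), digest)
    end

    def save!
      raise ArgumentError, 'password and confirmation differ' if password != password_confirmation
      raise ArgumentError, 'password too short' if password.to_s.length < 8 # GitLab's default minimum
      store_password(password)
      @password = @password_confirmation = nil
      # Real GitLab sends a "password changed" e-mail here; with no mail server, nobody is told.
      true
    end

    def inspect
      "#<User id=#{id} email=#{email} encrypted_password=#{encrypted_password[0, 24]}...>"
    end
  end
end

# The steps from the post: locate user id 1 (the super administrator),
# set a new password with a matching confirmation, and save.
def reset_admin_password(user_model, new_password, id: 1)
  user = user_model.where(id: id).first
  raise "no user with id #{id}" unless user
  user.password = new_password
  user.password_confirmation = new_password
  user.save!
  user
end

# Constructed seed data standing in for the default GitLab root account.
Demo::User.new(id: 1, email: 'admin@example.com', username: 'root', password: 'forgotten-old-pw')

if __FILE__ == $PROGRAM_NAME
  admin = reset_admin_password(Demo::User, 'new-strong-passphrase-2024')
  puts admin.inspect
  puts "login with new password: #{admin.valid_password?('new-strong-passphrase-2024')}"
  puts "login with old password:  #{admin.valid_password?('forgotten-old-pw')}"
end
```

Two things worth noting for anyone operating a self-hosted instance. First, the reset never recovers the old password: the console only ever shows a hash, so the only action available is to replace it. Second, the step that makes this possible, a shell as the git user on the GitLab host, is exactly the access the summary below warns about: anyone who can reach the Rails console or the PostgreSQL database can do the same to every account, so shell access to that host should be restricted and logged as tightly as the admin account itself, and with no mail server the "password changed" notification that would normally alert the account owner never goes out.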

Summary:
Any GitLab user account can be looked up from the backend Rails console, including every attribute of the user. Since GitLab stores its data in a PostgreSQL database, the same information can also be read from the corresponding table. On the one hand this makes recovering from a forgotten password convenient; on the other hand it is effectively an open back door: anyone with access to the GitLab server has a way to query, or even directly modify, the information of every user. That still sounds terrible, and it is a reminder that convenience and security are sometimes in direct conflict.


Origin blog.csdn.net/qq_39689711/article/details/108082657