From Fedora Project Wiki

< Infrastructure

Revision as of 21:53, 23 November 2023 by Justinz (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

This page covers the details on how to obtain and use your personal space on, a site where Fedora contributors can upload files to share with the world. It is perfect for uploading specfiles, SRPMs, patches, or personal Git repositories.

Forbidden contents

  • Do NOT distribute anything on that Fedora itself cannot distribute for legal reasons. Nothing on the ForbiddenItems list or otherwise non distributable by Fedora.
  • Do NOT upload your private ssh keys. While the Fedora Infrastructure Team works hard on keeping the servers secure, break-ins will happen and private keys uploaded can be downloaded and brute-forced easily. Private .ssh keys found during an audit will be deleted.

Accessing your space

  1. You need an active Fedora account
  2. You must be part of at least one group (other than the CLA group) in the Fedora account system. Often annotated as CLA+1
  1. You need to generate a ssh key (ssh-keygen -t rsa).
  2. Upload the ssh key into your Fedora account. To upload, visit this link and select your key file using the Public RSA SSH key field. Oftentimes, your public key can be found in your home directory under .ssh/ The ssh key will become activated within 20minutes after it is uploaded.
  3. To connect, use the ssh key you uploaded into your Fedora account:
ssh -i ~/.ssh/id_rsa <your_username>
Updating your SSH public key
If you want to update your SSH public key in, do NOT manually edit your .ssh/authorized_keys file. Go through the usual FAS account edit page and wait for it to be updated, or you will be locked out of your account.
  1. You will need to make a public_html directory for your files: mkdir ~/public_html
  2. You will need to set permissions so the webserver can read them: chmod 0755 ~/public_html (This sets your home directory and public_html directories readable by the webserver)
  3. You may wish to make a 'index.html' file in public_html

Common answers

  • Each Fedora contributor has 2000000 KiB (approximately 1954 MiB) of quota-controlled space.
  • If you run out of space, you should clean up files you don't need. If you cannot clean anything up, you should contact Fedora Infrastructure team to raise your quota.
  • You need to change the permissions for your home directory to at least 711 to make it viewable.
chmod 711 $HOME
  • To make a publicly viewable space, create a public_html directory and set its permissions to 755. Your home ~/ directory must be exectuable for the webserver to see your public_html folder.
  • Fedora people is NOT to be used for development or repository creation. Repositories will need to be created elsewhere and uploaded via scp or rsync.
  • DO NOT try to use sudo to install packages you "need". Unless you are in the Infrastructure group and have gotten approval from sysadmin-main, extra packages are not to be installed on
  • Upload files using scp, sftp, or rsync.
Using Nautilus
If you use GNOME, visit this page for an easy way to connect to your space.
Using Dolphin or Konqueror
If you use KDE, type s in your file manager address bar for an easy way to connect to your space.
Using Thunar
If you use XFCE, press CTRL + L to bring up the Open Location dialogue and then enter s in Location field for an easy way to connect to your space. PCManFM also works

To copy files from the command line, you can use scp

scp /path/to/file

  • Once files are uploaded into the user's public_html directory, the files will become available at:
  • Give other users access to read/write/etc files by using extended ACLs. Read man pages for setfacl and getfacl for adding them to your dirs/files. This gives the user your_username read and write access to file:
setfacl -m u:your_username:rw file git hosting support now has support for hosting git repositories. This includes access via the git:// protocol for anonymous downloads as well as providing the cgit web interface.

Here is a quick rundown of how to get started with git on It assumes that you are already somewhat familiar with git. You might want to take a look at the Git quick reference.

Create a ~/public_git directory on

ssh "mkdir ~/public_git; /sbin/restorecon -Rv ~/public_git"

Creating a new git repository in ~/public_git

As an example, here is one method to create an empty repository on your local system and upload it:

git init --bare repo.git
scp -r repo.git/

This creates a bare repository (i.e. a repository that has no working directory). It contains just the files that are part of the .git directory of a non-bare git repository (the kind most users are accustomed to seeing).

Repository name must end with ".git"
cgit will not list repos that do not end with ".git".

Additionally if you wish your repository to show up in the cgit web interface, you must run the following command for any repositories you wish to appear there by default:

touch ~/public_git/yourgitrepo.git/git-daemon-export-ok

Uploading an existing repository to ~/public_git

If you have an existing repository you want to use on, you can do so easily:

git clone --bare /path/to/local/repo repo.git
scp -r repo.git/

The caveats from the previous section apply here as well.

Pushing to your repository

To push changes from a local repository:

cd /path/to/local/repo
git remote add fedorapeople
git push --mirror fedorapeople

This creates a mirror of your local repository. All of the branches and tags in the local repository will be pushed to the repository.

If you only want to push selected branches, amend the git push example. For example, to push only your local master branch:

git push fedorapeople master

Allowing others to push
You can allow other users to push to your repository using extended ACLs (see setfacl(1) man page for details). However, if you have many others working on your project, using Pagure is strongly preferred.

Cloning your repository

To clone your repository, use a command similar to:

git clone git://

It is also possible to clone your project via the http:// protocol. In order for this to work, you must arrange to have git-update-server-info run whenever you update your repository. Typically, this is done with a post-update hook script. However, the user home directories on are mounted with the noexec option, which prevents the script from running. Instead, you may create a symbolic link to git-update-server-info in the hooks directory of your repository:

cd ~/public_git/repo.git/hooks
ln -svbf $(git --exec-path)/git-update-server-info post-update
git update-server-info

You also need to create a link from ~/public_html/git to ~/public_git:

cd ~/public_html
ln -svbf ../public_git git

You can clone your repository over http:// with a command similar to:

git clone

git:// versus http://
Only clone via http:// if you are behind a firewall that prevents git:// from working. The git:// protocol is faster and more efficient than the http:// protocol for git usage.

Browsing your project via cgit

You can see your project listed in cgit once the project list updates. This happens hourly.

Repository description
You can set the description for the repository that is displayed in cgit by editing the description file in your repository.

Shared repository

If you want to give access to your repository to other users you can do this with ACLs.

setfacl -R -m u:<user>:rwX <repo.git>
find <repo.git> -type d | xargs setfacl -R -m d:u:<user>:rwX

Enable per-repo upload-archive

If you want to allow your repository to be accessible via git archive --remote, you will need to set set the following in your repository's config file:

uploadarch = true


Viruses servers are regularly scanned for viruses, including people's home directories, because of the nature of providing download of user-uploaded files on a Fedora domain name. As soon as a virus is reported by the scanners, they will be scanned again by another scanner to make sure they're actual viruses (and not just an overly active scanner). If the second opinion also reports the file as being a virus, the file will be moved to a non-public facing directory, and the owner will be notified. If the user has not yet responded after a week, the file will be deleted.