Commit graph

104 commits

Author SHA1 Message Date
Sitaram Chamarty
d3b2dda5df fork ADC: stop carrying along non-gitolite hooks
When someone adds a repo-specific hook to their repo, then creates a
'fork' via the fork ADC, this repo-specific hook also gets carried
across, but should not.
2012-02-29 13:23:58 +05:30
Sitaram Chamarty
1839520134 3 new VREFs plus doc
  - 'dupkeys' -- catch duplicate keys in keydir
  - 'email-check' -- "you can only push your own commits"

plus, 'merge-check' -- how we could have done the no-merges policy
2012-02-26 19:27:33 +05:30
Sitaram Chamarty
e1a78fdbbc 'filetype' VREF 2012-02-26 09:04:30 +05:30
Sitaram Chamarty
56f975d14c vref: code
  - compile: VREF/ is special, like NAME/
  - update hook: use a new "check_vrefs" sub to
      - spawn helpers for each vref in @allowed_refs
      - for each vref returned by the helper, call check_ref
2012-02-26 09:04:30 +05:30
Sitaram Chamarty
6baa57b5a0 replace <<EOF type constructs with multi-line echo
This compensates for an selinux bug reported on #gitolite by John Hawley
(warthog9).  sh/bash uses a tempfile to do this, which in turn causes
some problems in selinux; I really don't [need to] know more than that.

*Technically* this is a bug in selinux/policy, and would qualify for an
entry in "nagp"... but:

(1) the changes are small and localised
(2) the problem makes gitolite -- currently -- unusable with selinux,
    and what use is a security program which can't run under selinux
    (regardless of whose fault it is)?

and finally

(3) if I can't break my own rules for one of my most high-profile users
    then what's the point of owning the code?

:-)

----

Implementation notes: I've only done this for code that is likely/meant
to be used in production

I also slip-streamed in a URL fix (from when I changed all the online
document rendering)
2012-02-14 11:41:13 +05:30
Sitaram Chamarty
520eff6189 added ADC overrides for setdesc and getdesc
John from kernel.org wanted this; for details see [1]

[1]: http://groups.google.com/group/gitolite/browse_thread/thread/daf92ef85d121234
2012-02-07 06:26:57 +05:30
Stefan Naewe
a06235e536 adc: make 'help' work when HELP_LIST_DEFAULT is set to 0
Signed-off-by: Stefan Naewe <stefan.naewe@gmail.com>
2012-01-12 10:14:43 +05:30
Sitaram Chamarty
7e02a13a60 (minor fixup to the github "_" adjustment) 2012-01-02 15:56:28 +05:30
Luis Lloret
f0d712ed4e Add README file that points to emacs major mode for gitolite.conf files. 2011-12-13 22:20:20 +05:30
Sitaram Chamarty
8067c8e532 partial-copy: test script uses new 'Tsh' now 2011-12-05 10:23:34 +05:30
Sitaram Chamarty
bd789c029b (git version change causes change in some output) 2011-11-27 08:43:36 +05:30
Tomas Paladin Volf
b6ba3cc975 (password access) specify comment field in generated ssh pub key
since gl-shell-setup runs as root, the comment in the generated key was
'root@...' instead of whatever userid it was being created for.

This does not affect gitolite or ssh but it seems some people don't
treat "comment" as "comment" and actually *do* stuff with it.

(only code is from author; commit message is from committer)
2011-11-27 08:24:06 +05:30
Sitaram Chamarty
af6820a94b new functions (can_*, is_admin, in_group) for ADCs
(can_* == can_read, can_write, and can_create)

See top of contrib/adc/adc.common-functions for more on this.

Note: the old style (calling get_rights_and_owner with $repo, then
checking $perm_read, $perm_write, etc.), will still work fine.
2011-11-22 19:31:41 +05:30
Sitaram Chamarty
a103417da2 (password access) backward compat breakage for gl-shell-setup; read below
gl-shell-setup has a "run as hosting user" piece that basically
automates the adding of the user's (new) key to the admin repo.

This is now gone.  (It's not that hard to automate yourself if you want
to do it anyway, using gl-admin-push).

I did this because I needed to allow someone in through a gateway, and
realised that that has the exact same needs.  So the whole scheme has
been changed to treat the proxy and the gitolite host as being two
different servers.

At that point it became cumbersome to do the second bit, and I left it
out.

Other changes:
  - you can define exceptions for the default shell in gl-shell
  - the doc has been simplified.
2011-11-15 17:20:17 +05:30
Sitaram Chamarty
f3eae5e170 maintaining a partial copy of a repo...
...with gl-pre-git and update.secondary hooks
2011-11-09 20:02:10 +05:30
Sitaram Chamarty
6e29365316 MASSIVE set of changes to documents!
I got tired of being told "TL;DR".  Now the online versions of most
documents fit on a page or two, or at least most of them do.  The rest
has been split out (and you can see the links to the split out sections
right where the text is in the raw Markdown).

This is much more pleasant to read, and I've improved the linking so
it's much less effort for me to keep the links correct.
2011-11-02 21:04:33 +05:30
Sitaram Chamarty
877c6625dc minor docfixes
typos, minor clarifications, removing outdated stuff that got missed,
adding some emphasis here and there, re-phrasing some places, etc.
2011-10-30 09:11:04 +05:30
Sitaram Chamarty
200db6e486 user-manual added ("user" as opposed to "admin")
Normally, I use the word "user" in gitolite to mean *my* users, who are
actually admins on their setups.  All my documentation has been geared
to that class of person.

Last night my most famous "user" (not "admin", a real gitolite user)
mentioned that he found it very hard to find info on what a *user* could
do, and he was right.  So here goes...
2011-10-29 06:28:33 +05:30
Sitaram Chamarty
f050938171 (minor) add a warning to rsync ADC
...in case someone wants to make it "ua"
2011-10-20 16:39:18 +05:30
Jeff Mitchell
1a6fa8b718 Add option to have "list" be the default action for the help ADC 2011-10-18 09:27:21 +05:30
Joey Hess
e2d9ce6368 update documentation for git-annex-shell ua ADC 2011-10-18 08:13:57 +05:30
Sitaram Chamarty
d750725a34 fix rsync adc to call check_access the correct way...
also a test fix
2011-10-17 22:10:18 +05:30
Sitaram Chamarty
85da5572b2 some nice ADC changes... (warning: minor backward compat breakage)
  - support for ADCs with unchecked arguments
  - rsync, htpasswd, and svnserve gone from core; turned into ADCs

Backward compat breakage and fix: Please see documentation for details,
but if you're using gitolite to control rsync you will now need to setup
ADCs (admin defined commands), and install at least the new "rsync" ADC.

----

Thanks to Joey Hess (see commit prior to this) for forcing me to stop
being lazy and get this out of my long term todo list.
2011-10-17 18:42:57 +05:30
Joey Hess
955edcc5ec git-annex support via unrestricted ADC 2011-10-17 17:33:03 +05:30
Sitaram Chamarty
5e3a051a95 "deny" rules for entire repo
  - strictly speaking, this should be phrased: "deny" rules for the
    first level access check

  - requires a gitolite option to be set, like so:

        config gitolite-options.deny-repo = 1
2011-10-10 14:18:49 +05:30
Sitaram Chamarty
22bd3c8e72 (projects.list changes) collect gitweb-specific stuff in one place
also
  - new "WEB_INTERFACE" variable (defaults to 'gitweb')
  - setup_web_access (write a plain list of repos out)
  - add_del_web_access (add/delete a single repo from projects.list)
2011-10-06 19:32:09 +05:30
Sitaram Chamarty
2056c95917 from-client (gl-easy-install) is now obsolete 2011-09-29 07:31:43 +05:30
Sitaram Chamarty
8b501a1872 (doc) assorted docfixes 2011-09-28 04:23:32 +05:30
Sitaram Chamarty
a2fd597c51 'symbolic-ref' ADC replaces and obsoletes 'set-head'
set-head was too specific.  See comments in symbolic-ref for more on
this ADC, but basically it lets you run 'git symbolic-ref' on a repo
that you have write access to.

(in response to http://comments.gmane.org/gmane.comp.version-control.git/182067)
2011-09-26 19:43:57 +05:30
Sitaram Chamarty
7b8866dbf6 (password access) can now do ADCs also
idea credit Jeff (though I'm sure he didn't ask this on behalf of the
KDE folks ;-)
2011-09-16 09:15:42 +05:30
Sitaram Chamarty
32417b5b39 (password access) make the hostkey thing less of a problem...
...for the code, not for the admin ;-)

OK that sounds nasty but really it's not that bad.  We're replacing some
code with a one-time step for the admin which is also likely to be more
future-proof.

idea credit: Teemu
2011-09-16 09:01:42 +05:30
Sitaram Chamarty
c69c10366d password access to gitolite using real users 2011-09-15 14:52:38 +05:30
Sitaram Chamarty
c41fcc2653 added doc and helper for complex mirroring setups, to contrib 2011-09-02 22:41:27 +05:30
Sitaram Chamarty
10985cb534 repo_rights is no longer a kosher *public* interface
so remove the last vestiges of it from the contrib area
2011-09-02 22:41:27 +05:30
Sitaram Chamarty
b649536847 (minor) fixed some broken links due to 867b34f
thanks to j416 for catching this...
2011-07-18 21:06:14 +05:30
Sitaram Chamarty
6ad6bf95e6 (adc) change quoting when calling cli_repo_rights from shell
otherwise repo names containing "@" in them were causing the @foo part
to be interpolated (as empty of course) instead of being taken literally

reported by silvio dot fricke at googlemail
2011-06-26 11:33:56 +05:30
Sitaram Chamarty
fda9f37b3a die() needs to be defined in post-update hook
(and in one other place it needs to be defined earlier)

I never caught this because in my testing those error conditions --
caused by lack of afc3a06 -- never came up.
2011-06-19 06:54:52 +05:30
Sitaram Chamarty
cf1987e747 (sskm) document courtesy Jeff Mitchell
I'd originally written some minimal documentation for this ADC, but I
liked Jeff's version so much that I borrowed it, added the final section
("important notes for the admin"), made a few other minor fixups, and
then happily ditched my version.
2011-06-01 20:17:55 +05:30
Sitaram Chamarty
d402b093b7 (sskm) hush output from internal git commands
(the ones that require GL_BYPASS_UPDATE_HOOK to be set are done slightly
differently because I just didn't want all the hassle of saving and
restoring that variable on the perl side)
2011-06-01 12:16:23 +05:30
Sitaram Chamarty
4942fdbe0e (sskm) not finding a key in the list is not always fatal...
[caught by Jeff...]
2011-06-01 12:16:23 +05:30
Sitaram Chamarty
9e01778796 (sskm) self-service key management -- new adc
based on a discussion with Jeff from the KDE team; see doc for more.
2011-06-01 12:16:19 +05:30
Sitaram Chamarty
867b34f32c (doc) ADCs now have an overview doc, plus...
  - repo-deletion is now a proper doc
  - other doc enhancements and clarifications
2011-05-12 09:33:19 +05:30
Sitaram Chamarty
18c69e8612 su-getperms and su-setperms 2011-05-08 11:22:42 +05:30
Sitaram Chamarty
89b68bf5ca new adc to allow deleting a branch that you created; see below
The need for this comes about as follows:

  - a project may allow its developers "RWC" (or "RW+C") so that they
    can create feature branches when needed.  Note that these are
    *feature* branches, so they can't use the "personal branches"
    mechanism that gitolite already has.

  - the developers are *not* given RWCD (or RW+CD) to prevent accidental
    deletion of an important branch.  Branch *deletion* is something
    that only a few trusted admins can do.

  - as a result, there are sometimes situations where a developer
    creates a misnamed branch and then has to ask the admins to help get
    rid of it.

What the KDE folks wanted was a way to allow the creator of a branch to
be able to delete it.  In addition, they needed this allowed only for a
fixed duration after the creation of a branch, not forever (for the same
reason they don't get RWCD, to prevent accidents).

These are my reasons why this feature is implemented as an ADC instead
of being "in core":

  - we'd need additional syntax to differentiate this special case
    (which is sort of in between RWC and RWCD, if you think about it).

    I'm reluctant to complicate the syntax further for something that is
    only occasionally needed.

  - we'd need either (a) code to parse the log files, or, (b) code to
    maintain "who created this ref" on every push that creates a ref.

      - parsing the log files is too kludgy and inelegant to be in core,
        not to mention potentially very slow for really large projects

      - code to maintain a history of "who created this ref" is too
        cumbersome, especially because of the need to expire old entries
        after a time.
2011-05-02 07:15:12 +05:30
Sitaram Chamarty
0d1e05c7e1 "hooklets" -- play nice with any number of site-local 'update' hooks
(yes, I made up the name.  Deal with it!)
2011-04-29 04:47:30 +05:30
Sitaram Chamarty
6a51bae400 update s3backup adc to disable pushes first
(ref http://sitaramc.github.com/gitolite/doc/3-faq-tips-etc.html#_disabling_write_access_to_take_backups)

code from David Bremner via email
2011-04-24 15:14:37 +05:30
Sitaram Chamarty
12ab89abc6 Thomas Berezansky contributed a doc on using putty 2011-03-25 11:15:33 +05:30
Sitaram Chamarty
e73f1cea93 'hub' adc request-status subcommand can ask for details by request-number 2011-03-13 16:57:54 +05:30
Sitaram Chamarty
719edd007c 's3backup' adc contributed by David Bremner 2011-03-13 09:37:50 +05:30
Sitaram Chamarty
c3787e2d17 hub adc had an unused extra return value from check_access; fixed 2011-03-13 09:37:50 +05:30