Commit graph

240 commits

Author SHA1 Message Date
Sitaram Chamarty 75387fd6cb v3.03 2012-05-23 04:34:07 +05:30
Sitaram Chamarty 5298a79cb5 MAJOR BUGFIX: disallow "hooks" directory in admin repo
Although this is not a "hole" that allows a normal user to bypass
controls, I still consider this a hole in the sense that I want to
separate "admin push" rights from "shell access on server" rights.

(I realise that most people don't make this distinction, but I do, and
for me and most sites I consult for it is important).

Thanks to drue on #gitolite who pointed it out excitedly, and apologies
for killing what he thought of as a feature!
2012-05-23 04:33:54 +05:30
Sitaram Chamarty dd083085cf (fix bugly) info -ld should handle missing description files more gracefully
bugly = bug that makes the output ugly :)
2012-05-23 03:37:52 +05:30
Sitaram Chamarty 2907561529 (minor) solaris doesn't like "shift" when there are no arguments remaining 2012-05-22 13:17:10 +05:30
Sitaram Chamarty 55d64752ae fix repo alias to work when reponame has leading "/"
as in git@host:repo.git works but ssh://git@host/repo.git doesn't
2012-05-22 11:57:40 +05:30
Sitaram Chamarty b6ce11a19f (minor) permissions fixup -- sugar scripts do not need +x 2012-05-22 07:06:41 +05:30
Sitaram Chamarty b12a967272 update g2 compat and migr info
thanks to karihre on #gitolite for catching the first of the corrections
(GL_GET_MEMBERSHIPS_PGM) and so reminding me...
2012-05-22 07:05:33 +05:30
Sitaram Chamarty d04e79d291 (minor) single quotes around variables in error messages
(plus a couple of other minor fixups)
2012-05-21 17:44:30 +05:30
Sitaram Chamarty 20d2120ea5 move input command check so it works for non-ssh modes also 2012-05-21 15:24:40 +05:30
Sitaram Chamarty 3a59f5aff0 line up regexes for easier review 2012-05-21 15:24:40 +05:30
Sitaram Chamarty 8aba6ec2be v3.02 2012-05-20 16:42:43 +05:30
Sitaram Chamarty 72b6a54e0a test packaging instructions and make required changes 2012-05-20 14:21:23 +05:30
Sitaram Chamarty 27c0190b76 packaging instructions make analogy with git for better explanation 2012-05-20 06:38:18 +05:30
Sitaram Chamarty 8644690506 (ssh) make it easier to make give some users a full shell 2012-05-19 06:01:05 +05:30
Sitaram Chamarty 07169c37ec allow aliasing a repo to another name
all documentation is inside Alias.pm.
2012-05-19 06:01:05 +05:30
Sitaram Chamarty bc3eb34211 simulate POST_CREATE for newly created "normal" repos
See "background" in new program src/triggers/new-normal-repos
2012-05-16 18:55:06 +05:30
Sitaram Chamarty 17a680e0f6 (collected docfixes) 2012-05-16 18:54:52 +05:30
Sitaram Chamarty e511943a45 just for kicks, a VREF that allows voting on changes to a branch
(manually smoke tested; no test script)

I've been meaning to do this for a while, since someone told me that is
one of gerrit's features they like.

Of course, gitolite can't/won't do the whole "code review" thing (nor
the workflow enforcement that follows).

But voting is simple -- literally 2-3 lines of code in a VREF.  (The
rest is inline documentation).
2012-05-10 12:28:37 +05:30
Sitaram Chamarty fa2893be7c the dupkeys function was already in ssh-authkeys...
...so there's no need for the VREF.

Ironically, while I was arguing with Eli that I wouldn't do it and why,
the code was *already* there, and had been for over a month!  (It must
have been there for much longer for me to have forgotten!)

TODO: convert from using fingerprint compute to actual key strings when
the complaints about speed start appearing.

My own personal speed up loop [1] I guess :)

[1]: http://thedailywtf.com/Articles/Classic-WTF-The-Speedup-Loop.aspx
2012-05-07 15:08:46 +05:30
Sitaram Chamarty 699bafa096 (minor fixup to t/info.t) 2012-05-06 19:06:11 +05:30
Sitaram Chamarty e76be7ff11 move repo/user validity check deeper
(but change repo check to allow repoPATT instead of just repoNAME)

This is because there are/will be some situations where access() is
called without those two checks being done (i.e., it is not only from
src/commands/access that it is called).
2012-05-06 19:02:42 +05:30
Sitaram Chamarty 196706c145 bugfix: smart http mode wasn't running pre_ and post_ git triggers
(while we're about it, we also steal Michael Brown's idea (patch #2 in
[1] and get rid of GIT_HTTP_BACKEND).

[1]: http://groups.google.com/group/gitolite/msg/adfae758dd28f2a8
2012-05-05 18:07:15 +05:30
Sitaram Chamarty 6d057fb84c allow info to print description also 2012-05-04 18:13:42 +05:30
Sitaram Chamarty d8df4a9344 git-config bugfix + backward compat breakage in usage of 'config'
(1) the backward compat breakage: you can't create empty-valued config
    keys anymore.  That is, you can't do the eqvt of the following shell
    command using gitolite

        git config foo.bar ""

(2) fixed a bug where this:

        repo foo
            config foo.bar =

    when queried using

        gitolite git-config -r foo .

    would return even the empty valued ones, which -- remember! -- are
    not supposed to exist anymore.

    Fixing this bug allows situations like this to not show the admin
    repo in gitweb:

        repo [a-z].*
            config gitweb.owner = P-h B

        repo gitolite-admin
            config gitweb.owner =

----

background...

Somewhere in g3 (well actually in 057506b), we lost the ability to
distinguish
    config foo.bar  =   ""
from
    config foo.bar =

I decided that conflating them is more intuitive for most people,
because a survey [1] revealed that no one seemed to want the equivalent
of the following shell command:

----

[1] ...of a (small prime greater than 1) number of people on #git
2012-05-04 17:30:22 +05:30
Andreas Stenius 47a0c44540 migrated htpasswd command from g2.
(with some fixups by committer)
2012-05-03 11:04:22 +05:30
Sitaram Chamarty 49d132a969 minor fix to info command output under httpd...
when running under httpd, $ENV{USER} is not set, so we use a (hopefully
informative) default to print.

Thanks to Thomas Hager (duke at sigsegv dot at) for catching this.
2012-05-01 15:06:06 +05:30
Sitaram Chamarty c145528849 (minor typo fix) 2012-05-01 14:20:13 +05:30
Sitaram Chamarty 850882c1a6 allow VREF code to print to STDOUT...
Using a g2-style "chained update hook" as a VREF doesn't *quite* work:

  - all STDOUT from the hook is lost
  - worse, all lines get parsed as a ref followed by a message, and if
    the ref doesn't look like a ref it dies

So now we do all this only if the message starts with 'VREF/'.  Any
other output is just printed out as is.
2012-04-30 06:02:17 +05:30
Sitaram Chamarty 88c8d774d0 v3.01 2012-04-29 05:56:40 +05:30
Thomas Hager 88b4c86c38 Added instructions to make repositories available via http and ssh
This patch adds instructions for configuring Gitolite and Apache 2.x
to make repositories available to both ssh and http clients.

[minor fixups by committer]
2012-04-28 22:58:09 +05:30
Sitaram Chamarty 48ed4deb8f BSD compat changes
thanks to milki for all the efforts!

Details:

  - partial-copy fell afoul of BSD not having $RANDOM
  - test suite: fix bad GNU sort with good perl sort
  - test suite: fix md5sum dependency (which BSD doesn't have or can't
    easily have or requires extra options or whatever...), by doing it
    in perl.  (Requires Digest::MD5, which is probably available
    anyway, but since this is only for the test suite, meh!)
2012-04-28 22:58:09 +05:30
Sitaram Chamarty e919a0b7ca solaris doesn't like 'hostname -s'...
(luckily, unlike linux, it doesn't spew a usage message to STDOUT!)
2012-04-28 12:04:51 +05:30
Sitaram Chamarty 7d6b04605d fix test suite's dependency on time zone
I had not remembered that the 'tc' subcommand in tsh adds *text* that
contains the current time, so commit SHAs were changing.

Thanks to milki for catching this, and in fact being the only person who
ever appears to have attempted to run the test suite at all!
2012-04-28 04:55:49 +05:30
Sitaram Chamarty eabcf83dee (minor) add titles to rendered HTML docs 2012-04-26 16:37:48 +05:30
Sitaram Chamarty a952f2d627 add COPYING file
(from http://www.gnu.org/licenses/gpl-2.0.txt)

thanks to Jon Ciesla for catching this omission...
2012-04-26 16:06:03 +05:30
Sitaram Chamarty e0ed14172b add migration example, plus some other little mig doc fixes 2012-04-24 15:07:08 +05:30
Sitaram Chamarty 9e1cb5936c (some docfixes) 2012-04-24 14:10:40 +05:30
Sitaram Chamarty 5d366b5c0e new VREF: MAX_NEWBIN_SIZE (manual spot testing only) 2012-04-23 17:27:00 +05:30
Sitaram Chamarty d74f596e23 make can_write() in Easy.pm more flexible 2012-04-23 17:27:00 +05:30
Sitaram Chamarty 198dcfd4c8 POST_CREATE efficiency... (please read below if you care)
The POST_CREATE trigger is called when

  * a user creates a new "wild" repo,
  * a user uses the "perms" command, and
  * a user uses the "fork" command.

The trigger calls 3 programs (see rc file):

    post-compile/update-git-configs
    post-compile/update-gitweb-access-list
    post-compile/update-git-daemon-access-list

(They are also called by the POST_COMPILE trigger, by the way.)

However, the 3 programs shown are a bit wasteful -- they run through
*all* the repos when really only *one* repo has been affected.

This patch

  * passes the repo name to the 3 programs (duh!)

  * adds the optimisation to the first of the 3 programs listed above
    (the one dealing with 'git config').

For the other two programs (gitweb and git-daemon), you have 3 choices:

  * if you don't have too many repos, ignore the problem.

  * take out the 2nd and 3rd lines from the POST_CREATE list in the rc
    file, so they don't run.

    Then run 'gitolite trigger POST_COMPILE' from cron at regular
    intervals.  (Note that is POST_COMPILE not POST_CREATE!)  However,
    this means that gitweb and daemon permissions won't be current
    immediately after someone adds a new repo or sets perms etc.; they
    get updated only on the next cron run.

  * patch the programs to add this optimisation (and send me the
    patches).  The optimisation would check if arg-1 ($1 in shell,
    $ARGV[0] in perl) is 'POST_CREATE', and if it is, take the *next*
    argument as a repo name that may have changed.
2012-04-22 22:44:39 +05:30
Sitaram Chamarty 895b3614ed (minor) add a bit more detail on usage text for 'info' 2012-04-22 22:43:45 +05:30
Sitaram Chamarty 6b65e7853f (minor) add quotes to make repo name stand out in error message 2012-04-22 22:43:45 +05:30
Sitaram Chamarty 1ad0a761f7 install should fail more gracefully if the '-ln' directory does not exist
thanks to EugeneKay for catching this
2012-04-22 22:43:27 +05:30
Sitaram Chamarty c3ec518cef fork command, and some core changes to make it work...
- access command allows checking ^C
  - ^C check will fail when the repo exists
2012-04-22 16:56:21 +05:30
Sitaram Chamarty cf3dd885fc (some docfixes) 2012-04-21 22:29:56 +05:30
Thomas Hager 3a7b547759 replaced /bin/echo with printf, Solaris echo doesn't recognize -n
gitolite setup fails to check admin pubkey, because $text always
contains 2 or more lines after tsh_try() (the key and -n).

[committer adds:
    I wasn't sure if 'printf' would work on cygwin, so I chose what
    looked like a safer option, but apparently it wasn't safe enough and
    fell afoul of Solaris.

    Anyway I managed to check (using a small test program) with someone
    who runs gitolite on cygwin, and it works.

    If you're wondering why I didn't just use echo followed by chomp(),
    that would of course have been the easy way out but I wanted to see
    how you'd do it without a post-processing option.  It became a
    frustrating challenge of sorts because it seems such a trivial thing!
]
2012-04-18 14:19:51 +05:30
Thomas Hager aaccb367ec changes to support Solaris default shell
Solaris default bourne shell does not recognize $(), and does not allow
exporting a variable and assigning a value to it in one step.
2012-04-18 13:42:50 +05:30
Sitaram Chamarty 51833fccfb added new changelog 2012-04-18 06:53:50 +05:30
Sitaram Chamarty 2c8e0dfd2f (doc) general cleanup of docs 2012-04-18 06:39:17 +05:30
Sitaram Chamarty 95e6c2ae8b (doc) switch from mindmap to mkd...
we don't need the flexibility any more
2012-04-18 06:38:33 +05:30