gitolite/hooks/gitolite-admin/post-update
Sitaram Chamarty 1e06fea3b6 (security) a different fix in place of 5fd9328
SECURITY NOTE: if you deleted or renamed a pubkey file after 5fd9328
went in (April 12th), please:

  - upgrade asap, then
  - go to your latest gitolite-admin clone and "git push -f"

Otherwise this is not urgent.

5fd9328 (and its minor successor 813a2a9) were about preventing the
gitolite admin from sneaking in files to src/ and hooks/ into
$GL_ADMINDIR.  It seemed easy enough to do this by converting the
path-less checkout to a with-paths checkout, but this has caused a worse
problem -- deleting a keydir/foo.pub now no longer has an effect; the
file still hangs around in the work tree.

Ouch!  (and thanks to teukka for noticing)

We now do this check as a separate step, so the checkout can revert to
being path-less.
2010-04-20 19:46:27 +05:30

29 lines
943 B
Bash
Executable file

#!/bin/sh
# ensure that the admin is not sneaking in src/ and hooks/ :)
GIT_WORK_TREE=$GL_ADMINDIR git ls-tree --name-only master |
perl -lne 'exit 1 if /^(src|hooks)$/' || {
echo "*** ERROR ***" >&2
echo "no files/dirs called 'src' or 'hooks' are allowed, sorry" >&2
echo "until those files are deleted, the post-update hook will not run" >&2
exit 1
}
# checkout the master branch to $GL_ADMINDIR
# (the GL_ADMINDIR env var would have been set by gl-auth-command)
GIT_WORK_TREE=$GL_ADMINDIR git checkout -f master
od=$PWD
cd $GL_ADMINDIR
$GL_BINDIR/gl-compile-conf
cd $od
ADMIN_POST_UPDATE_CHAINS_TO=` cd;perl -e 'do ".gitolite.rc"; print $ADMIN_POST_UPDATE_CHAINS_TO'`
[ -n "$ADMIN_POST_UPDATE_CHAINS_TO" ] || ADMIN_POST_UPDATE_CHAINS_TO=hooks/post-update.secondary
if [ -f $ADMIN_POST_UPDATE_CHAINS_TO ] || [ -L $ADMIN_POST_UPDATE_CHAINS_TO ]
then
exec $ADMIN_POST_UPDATE_CHAINS_TO "$@"
fi