问题描述
我用Apache和一个脚本检索我的组,安装gitolite。
我可以有效地控制谁可以进入存储库,但谁不能读取。目前,如果我没有在存储库上设置R = @all规则,那么没有人可以读取它,甚至是被其他规则匹配的人。
我有以下gitolite配置:
回购测试
R = @ git-reader-test
R = olivier
#R = @all#将工作,如果我取消注释此行
RW + = @developers
我的wapper脚本调用gitolite具有以下代码
echo输入gitolite wrapper>> /home/dev_tools/git/gitauth.log
echouser:$ REMOTE_USER>> /home/dev_tools/git/gitauth.log
echogroups:$ HTTP_REMOTE_USER_GROUPS>> /home/dev_tools/git/gitauth.log
exec / home / dev_tools / git / bin / gitolite-shell $ REMOTE_USER 2>& 1 | tee -a /home/dev_tools/git/gitauth.log
以下输出:
输入gitolite包装
用户:olivier
群组:开发者...
状态:404未找到
过期时间:星期五,1980年1月1日00:00:00 GMT
Pragma:no-cache
Cache-Control:no-cache,max-age = 0,必须重新验证
未导出版本库:'/ home / dev_tools / git /存储库/测试'
因此,我的团体甚至我的用户名都符合R规则,但我被拒绝404错误,但是如果我取消注释 R = @all
规则,我将能够取回我的回购没有任何问题。
我得到的错误 git fetch
是
致命: http:// olivier @ myserver / testing / info / refs not found:你是否在服务器上运行git update-server-info?
以及相应的gitolite日志是:
2012-10-11.15:52:10 26728 access(testing,olivier,R,'any'), - > refs /.*
2012-10-11.15:52:10 26728 trigger,Writable,access_1,ACCESS_1,testing,olivier,R,any,refs /.*
2012-10-11.15:52: 10 26728 pre_git测试olivier R any - > refs /.*
2012-10-11.15:52:10 26728 system,git,http-backend
2012-10-11.15:52:10 26728 END
您知道为什么会发生这种情况吗?
解决方案正如VonC指出的,至少gitweb需要能够读取存储库。所以我可以通过添加以下方法来解决这个问题:
repo @all
R = gitweb守护进程
到我的存储库配置中,如给出的(没有任何细节) in gitolite documentation。
我真的认为直到现在gitweb才真正与gitolite分开,它是只是曾经有一个网页界面回购浏览,但我一定错过了gitolite文档中的东西。
恕我直言,它在链接文档中压力不够,因为我多次询问它之前读过它并且没有任何说明没有gitweb作为读者防止所有人阅读repos 。
编辑:请参阅Sitaram的解答。
I setup gitolite fine with Apache and a script retrieving my groups.I can effectively control who can push into a repository, but not who can read. Currently if I do not set R = @all rule on a repository nobody can read it, even people matched by other rules.
I have the following gitolite configuration:
repo testing R = @git-reader-test R = olivier # R = @all #Will work if I uncomment this line RW+ = @developers
My wapper script calling gitolite has the following code
echo "Entering gitolite wrapper" >> /home/dev_tools/git/gitauth.log echo "user: $REMOTE_USER" >> /home/dev_tools/git/gitauth.log echo "groups: $HTTP_REMOTE_USER_GROUPS" >> /home/dev_tools/git/gitauth.log exec /home/dev_tools/git/bin/gitolite-shell $REMOTE_USER 2>&1 |tee -a /home/dev_tools/git/gitauth.log
Which outputs:
Entering gitolite wrapper user: olivier groups: developers ... Status: 404 Not Found Expires: Fri, 01 Jan 1980 00:00:00 GMT Pragma: no-cache Cache-Control: no-cache, max-age=0, must-revalidate Repository not exported: '/home/dev_tools/git/repositories/testing'
So my groups and even my username match a R rule but I get rejected with a 404 error, although if I uncomment the
R = @all
rule I will be able to fetch my repo without any problem.The error I get on
git fetch
isfatal: http://olivier@myserver/testing/info/refs not found: did you run git update-server-info on the server?
And the corresponding gitolite logs are:
2012-10-11.15:52:10 26728 access(testing, olivier, R, 'any'),-> refs/.* 2012-10-11.15:52:10 26728 trigger,Writable,access_1,ACCESS_1,testing,olivier,R,any,refs/.* 2012-10-11.15:52:10 26728 pre_git testing olivier R any -> refs/.* 2012-10-11.15:52:10 26728 system,git,http-backend 2012-10-11.15:52:10 26728 END
Do you have any idea why this happen?
解决方案As VonC pointed out, at least gitweb need to be able to read the repository. So I could fix this by adding:
repo @all R = gitweb daemon
To my repositories configuration, as given (without any details) in gitolite documentation.
I really thought until now that gitweb was really separate from gitolite, that it was just used to have a web interface for repo browsing but I must have missed something in gitolite documentation.
IMHO its not well enough stressed in linked documentation since I read it multiple time before asking and nowhere is it said that not having gitweb as reader prevents everyone from reading repos.
Edit: see Sitaram answer for the explanation.
这篇关于在删除R @all规则后,在gitolite中找不到testing / info / refs的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!