proposed change of behaviour
26 views
Skip to first unread message
Sitaram Chamarty
Dec 29, 2012, 9:06:47 PM12/29/12
to gitolite, Mirko Friedenhagen
(Thanks to Mirko for asking something that made me think about this).
Right now, if you had this:
repo foo bar
... rules ...
and then subsequently you removed 'foo' from it, people can still
access the repo.
The reason I chose to allow that was that, since [2] clearly says you
have to delete the repo from the disk also, if the admin did not do
that it was probably a typo or fat-fingering something in the conf
file.
But it is also possible that the admin thought removing it from conf
is sufficient to remove access, and wished to delay the actual
deletion to some later date, since that is a bigger decision.
Question/poll is this: should we leave it as it is, or should we err
on the side of caution and make it inaccessible?
[1]: http://sitaramc.github.com/gitolite/emergencies.html#ue
[2]: http://sitaramc.github.com/gitolite/repos.html
--
Sitaram
Right now, if you had this:
repo foo bar
... rules ...
and then subsequently you removed 'foo' from it, people can still
access the repo.
The reason I chose to allow that was that, since [2] clearly says you
have to delete the repo from the disk also, if the admin did not do
that it was probably a typo or fat-fingering something in the conf
file.
But it is also possible that the admin thought removing it from conf
is sufficient to remove access, and wished to delay the actual
deletion to some later date, since that is a bigger decision.
Question/poll is this: should we leave it as it is, or should we err
on the side of caution and make it inaccessible?
[1]: http://sitaramc.github.com/gitolite/emergencies.html#ue
[2]: http://sitaramc.github.com/gitolite/repos.html
--
Sitaram
Ralf Hemmecke
Dec 30, 2012, 4:44:36 AM12/30/12
to gito...@googlegroups.com
> Right now, if you had this:
>
> repo foo bar
> ... rules ...
>
> and then subsequently you removed 'foo' from it, people can still
> access the repo.
No matter what the server has inside the repositories directory if the
>
> repo foo bar
> ... rules ...
>
> and then subsequently you removed 'foo' from it, people can still
> access the repo.
gitolite.conf file doesn't list foo, then nobody should be able to have
read or write access to this repository.
The only place where foo might still appear is in
list-dangling-repositories.
Ralf
Mirko Friedenhagen
Dec 30, 2012, 7:20:23 AM12/30/12
to gito...@googlegroups.com
Strucken by non-follow-up header :-)-
---------- Forwarded message ----------
From: Mirko Friedenhagen <mfried...@gmail.com>
Date: Sun, Dec 30, 2012 at 11:21 AM
Subject: Re: [gitolite] proposed change of behaviour
To: Ralf Hemmecke <hemm...@gmail.com>
Hello,
that is what I would expect as well. However I would like to get a bit
more help/debug-output (at least after sudoing to "the" git user) so I
may easily see what is going wrong. BTW: is there an overview about
all the gitolite specific files in a repository (and their meaning)?
Regards Mirko
> --
>
>
---------- Forwarded message ----------
From: Mirko Friedenhagen <mfried...@gmail.com>
Date: Sun, Dec 30, 2012 at 11:21 AM
Subject: Re: [gitolite] proposed change of behaviour
To: Ralf Hemmecke <hemm...@gmail.com>
Hello,
that is what I would expect as well. However I would like to get a bit
more help/debug-output (at least after sudoing to "the" git user) so I
may easily see what is going wrong. BTW: is there an overview about
all the gitolite specific files in a repository (and their meaning)?
Regards Mirko
>
>
Javier Domingo
Dec 30, 2012, 9:44:36 AM12/30/12
to Ralf Hemmecke, gitolite
I agree with Ralf, expected behaviour is no conf no repo
Javier Domingo
2012/12/30 Ralf Hemmecke <hemm...@gmail.com>:
> --
>
>
Javier Domingo
2012/12/30 Ralf Hemmecke <hemm...@gmail.com>:
>
>
Sitaram Chamarty
Dec 31, 2012, 4:57:59 AM12/31/12
to gito...@googlegroups.com
ok; done. No one voted in favour, which means I was being stupid in
the first place and it should never have been that way!
sitaram
> --
>
>
--
Sitaram
the first place and it should never have been that way!
sitaram
>
>
--
Sitaram
Reply all
Reply to author
Forward
0 new messages