v3.6.10

27 views
Skip to first unread message

Sitaram Chamarty

unread,
Sep 30, 2018, 12:57:30 AM9/30/18
to gito...@googlegroups.com, gitolite...@googlegroups.com
Hi all,

dc13dfc (contained in 3.6.9) introduced a block on accessing
repos which are in the process of being moved into gitolite's
control, to close off a window of opportunity that an authorised
user might obtain on repos he should not have access to.

This block was (a) in gitolite-shell, which would catch all
git-client activity and (b) in list_phy_repos(), which would
prevent those repos from being seen by the 'info' command.

Unfortunately that was stupid; it also blocked 'gitolite setup'
itself, because setup uses list_phy_repos!

The correct place to put this was always going to be access(),
but I had initially shied away from that because it would cause
a slight glitch in the working of any POST_COMPILE trigger
scripts that used the access() function on any of the newly
migrated repos.

In the time between 3.6.9 and now, I have explored various
options, but they were all too kludgey.

The cleanest way seems to be to change the instructions in that
section, so what was just `gitolite setup` is now:

gitolite compile
gitolite setup --hooks-only
gitolite trigger POST_COMPILE

regards
sitaram
Reply all
Reply to author
Forward
0 new messages