3.6.9 is too secure :(
15 views
Skip to first unread message
Sitaram Chamarty
Sep 18, 2018, 9:50:44 AM9/18/18
to Gitolite Google Groups, gitolite...@googlegroups.com
In hindsight, saying things like "does not impact anything else" in the
commit message for dc13dfc was probably asking to be jinxed!
I screwed up in testing the change properly. Now it won't let you
import ANY repos into gitolite.
People who need to import repos, or even run "gitolite setup" if your
hooks directory has been botched, should use the attached patch until I
get 3.6.10 out. It's basically a partial revert.
What happened was this.
While denying access to repos that did not have a proper "update" hook,
I decided that even "ssh git@host info" should not see those repos.
The mistake I made was, instead of adding that check to the info
command, I added it to the place that supplies the list of repos to the
info command.
Unfortunately that's also the same place that "gitolite setup" gets its
list of repos whose hooks directory needs fixing and checking!
Ouch...
My apologies to everyone. I'll try and spend some time over the next
weekend or two, to properly test out the patch and roll out 3.6.10.
Any volunteers to help me with testing various workflows in the gitolite
documentation [1] would be greatly appreciated.
[1]: hint hint, the person who originally caught the problem ;-)
--
sitaram
commit message for dc13dfc was probably asking to be jinxed!
I screwed up in testing the change properly. Now it won't let you
import ANY repos into gitolite.
People who need to import repos, or even run "gitolite setup" if your
hooks directory has been botched, should use the attached patch until I
get 3.6.10 out. It's basically a partial revert.
What happened was this.
While denying access to repos that did not have a proper "update" hook,
I decided that even "ssh git@host info" should not see those repos.
The mistake I made was, instead of adding that check to the info
command, I added it to the place that supplies the list of repos to the
info command.
Unfortunately that's also the same place that "gitolite setup" gets its
list of repos whose hooks directory needs fixing and checking!
Ouch...
My apologies to everyone. I'll try and spend some time over the next
weekend or two, to properly test out the patch and roll out 3.6.10.
Any volunteers to help me with testing various workflows in the gitolite
documentation [1] would be greatly appreciated.
[1]: hint hint, the person who originally caught the problem ;-)
--
sitaram
Reply all
Reply to author
Forward
0 new messages