prevent "git push --force"

[nmohan]

I realized that "git push --force" is possible on our repo and all users could do git push --force.Only the project managers or specific users should be given the privilage to do "git push --force". Is there any option to be set in gitolite.conf to prevents this?

Thanks

[Sitaram Chamarty]

This is one of the most *fundamental* things that gitolite does.

Please see rules.html in the gitolite documentation (section 1 is what
you need, if I recall).

Briefly, "RW" allows fast-forward push and create, but to do a force
push or delete you need RW+.

[nmohan]

On Wednesday, 7 May 2014 11:58:20 UTC+5:30, nmohan wrote:
> I realized that "git push --force" is possible on our repo and all users could do git push --force.Only the project managers or specific users should be given the privilage to do "git push --force". Is there any option to be set in gitolite.conf to prevents this?
>
> Thanks

I changed the RW+ rule to RW in gitolite.conf (repo testing
RW = @testgrp1) to restrict force push, still if i do a git push origin master --force , it pushes the code to the remote. i am missing something here.

[Sitaram Chamarty]

- send more info (the full conf file for instance) so we know what else may be in it
- did you actually commit and push the change to the gitolite.conf file?

[nmohan]

On Wednesday, 7 May 2014 11:58:20 UTC+5:30, nmohan wrote:

> I realized that "git push --force" is possible on our repo and all users could do git push --force.Only the project managers or specific users should be given the privilage to do "git push --force". Is there any option to be set in gitolite.conf to prevents this?
>
> Thanks

Yes i did the commit and pushed the change. The conf file is very simple. This is a maint server and i just have 2 other repos for test purpose other than gitolite-admin which is as below

repo testing
RW = @testgrp1
R = @testgrp

repo sandbox_rg
RW+ = @sbrgrp_rw
R = @sbrgrp_r

But deletion of a branch in repo testing fails(as expected).

[Sitaram Chamarty]

On 06/06/2014 06:13 PM, nmohan wrote:
> On Wednesday, 7 May 2014 11:58:20 UTC+5:30, nmohan wrote:
>> I realized that "git push --force" is possible on our repo and all users could do git push --force.Only the project managers or specific users should be given the privilage to do "git push --force". Is there any option to be set in gitolite.conf to prevents this?
>>
>> Thanks
>
> Yes i did the commit and pushed the change. The conf file is very simple. This is a maint server and i just have 2 other repos for test purpose other than gitolite-admin which is as below
>
> repo testing
> RW = @testgrp1
> R = @testgrp
>

and you say "git push --force" works?

maybe it's not a rewind push at all...

[nmohan]

On Wednesday, 7 May 2014 11:58:20 UTC+5:30, nmohan wrote:

> I realized that "git push --force" is possible on our repo and all users could do git push --force.Only the project managers or specific users should be given the privilage to do "git push --force". Is there any option to be set in gitolite.conf to prevents this?
>
> Thanks

What i am trying to achieve here is no users should be able to do a force push operation. Only the specific users should be given the privilage to do "git push --force"

[nmohan]

On Wednesday, 7 May 2014 11:58:20 UTC+5:30, nmohan wrote:

> I realized that "git push --force" is possible on our repo and all users could do git push --force.Only the project managers or specific users should be given the privilage to do "git push --force". Is there any option to be set in gitolite.conf to prevents this?
>
> Thanks

forgot to mention yes git push --force works.

[milk]

Just because you have a --force in your command, doesn't mean the push
is a force push. It will force push when necessary, but if it isn't,
then its a normal push.