Deleting wildcard repos

568 views
Skip to first unread message

Maneesh M P

unread,
Feb 3, 2014, 12:56:01 AM2/3/14
to gito...@googlegroups.com
I am sorry for being dumb, I didnt quite understand the deletion part of by reading this

http://gitolite.com/gitolite/g2/wild_repodel.html

I created a my wildcard repo like this

repo abc/[a-zA-Z0-9].*
C = @abc-admin
RW+ = CREATOR
RW = @abc-team

Now, I would like to give @abc-admin delete permission as well?
How can i give the permission?
what command should i execute to delete one repo ?

Thanks,
Maneesh

Ralf Hemmecke

unread,
Feb 3, 2014, 3:01:31 AM2/3/14
to gito...@googlegroups.com
http://gitolite.com/gitolite/gitolite.html#s4

See 4.1.8 deleting a wild repo.

========
Run the whimsically named "D" command -- try ssh git@host D -h for more
info on how to delete a wild repo. (Yes the command is "D"; it's meant
to be a counterpart to the "C" permission that allowed you to create the
repo in the first place). Of course this only works if your admin has
enabled the command (gitolite ships with the command disabled for remote
use).
========

The last sentence is important. I.e. on the server, you would have to
change the ~/.gitolite.rc file appropriately.

Ralf

Maneesh M P

unread,
Feb 10, 2014, 9:43:07 PM2/10/14
to gito...@googlegroups.com
I have enabled "D" in gitolite.rc
ENABLE => [
'D',

I have a repository created under personal/x...@bac.com/ but when I execute the blow command to delete a repository, I get You are not authorized message :(

$ssh g...@git.abc.com D rm personal/x...@abc.com/sample.git
You are not authorised

The above repository was created by me using wildcard repository rules

Thanks,
Maneesh

Sitaram Chamarty

unread,
Feb 10, 2014, 10:44:18 PM2/10/14
to Maneesh M P, gito...@googlegroups.com
If you created it, this should not fail. Something else is wrong
somewhere -- someone fiddled with or removed the file gl-creator in the
repo directory, perhaps. Or maybe you have two userids and you used the
wrong one...

Maneesh M P

unread,
Feb 10, 2014, 11:21:43 PM2/10/14
to Sitaram Chamarty, gito...@googlegroups.com
my gl-creator has this line  "x...@abc.com" . And I have only one user name, which is my mail id :( 

$ls 
drwxrwx--- 7 git git 4096 Feb 10 19:45 sample.git

$cat .gitolite.rc
..................
 # how/why you might change this
    UMASK                           =>  0007,
.........
   .....

Is there any other change should i be doing in the gitolite.rc file ?
After your reply, I just clone a fresh repository,  and tried to delete it.. but got the same error :(

 ~/gitserver $ git clone git@git.abc.com:personal/x...@abc.com/new.git
Cloning into 'new'...
Initialized empty Git repository in /home/git/repositories/personal/x...@abc.com/new.git/
warning: You appear to have cloned an empty repository.
 ~/gitserver $ ssh git@git.abc.com D rm personal/x...@abc.com/new.git
You are not authorised



--
You received this message because you are subscribed to a topic in the Google Groups "gitolite" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/gitolite/nFbnQuO0ztM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to gitolite+u...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.



--
Regards,
Maneesh(മനീഷ് )

Sitaram Chamarty

unread,
Feb 10, 2014, 11:34:21 PM2/10/14
to Maneesh M P, gito...@googlegroups.com
On 02/11/2014 09:51 AM, Maneesh M P wrote:
> my gl-creator has this line "x...@abc.com <mailto:x...@abc.com>" . And
> I have only one user name, which is my mail id :(
>
> $ls
> drwxrwx--- 7 git git 4096 Feb 10 19:45 sample.git
>
> $cat .gitolite.rc
> ..................
> # how/why you might change this
> UMASK => 0007,
> .........
> .....
>
> Is there any other change should i be doing in the gitolite.rc file ?

that has nothing to do with gitolite's D command.

> After your reply, I just clone a fresh repository, and tried to
> delete it.. but got the same error :(
>
> ~/gitserver $ git clone g...@git.abc.com <mailto:g...@git.abc.com>:personal/x...@abc.com/ <http://x...@abc.com/sample.git>new.git
> Cloning into 'new'...
> Initialized empty Git repository in /home/git/repositories/personal/x...@abc.com/new.git/ <http://x...@abc.com/new.git/>
> warning: You appear to have cloned an empty repository.
> ~/gitserver $ ssh g...@git.abc.com <mailto:g...@git.abc.com> D rm personal/x...@abc.com/new.git <http://x...@abc.com/new.git>
> You are not authorised

This is what I get. I don't even know how you're NOT getting the
"locked" message if you try rm straight after creating the repo.

(blank lines inserted for readability)

$ git ls-remote u1:foo/u1
Initialized empty Git repository in /home/g3/repositories/foo/u1.git/

$ ssh u1 D rm foo/u1
'foo/u1' is locked!

$ ssh u1 D unlock foo/u1
'foo/u1' is now unlocked

$ ssh u1 D rm foo/u1
'foo/u1' is now gone!

Maneesh M P

unread,
Feb 10, 2014, 11:41:26 PM2/10/14
to Sitaram Chamarty, gito...@googlegroups.com
Is there any possible snippet I can paste here which could help in resolving the issue? 
Even I am not sure why have i did not get the locked message, I dont remember doing any changes related to lock.

Thanks,
Maneesh

Sitaram Chamarty

unread,
Feb 11, 2014, 1:16:41 AM2/11/14
to Maneesh M P, gito...@googlegroups.com
On 02/11/2014 10:11 AM, Maneesh M P wrote:
> Is there any possible snippet I can paste here which could help in
> resolving the issue?
> Even I am not sure why have i did not get the locked message, I dont
> remember doing any changes related to lock.

Post the outputs of the following commands:

(1) on your workstation

ssh git@server info

(2) on the server

gitolite query-rc COMMANDS
GL_USER=nobody gitolite info

(3) on the server, apply the attached patch, then try the "D" command
again on your workstation

(4) for that last operation, post the extract from the logfile
(~/.gitolite/logs/<something> on the server)

(5) Finally, post the D command source itself. This command has always
had the "unlock" requirement, so I am totally at a loss to understand
how that is getting bypassed.

I strongly suspect some idiot system admin somewhere fiddled with that
which he doth not grok.
D.patch

Maneesh M P

unread,
Feb 11, 2014, 2:39:13 AM2/11/14
to Sitaram Chamarty, gito...@googlegroups.com
Please find the information below[sine posting in the public space, i have changed domain names and actual repository names]

(1) on your workstation


hello manees...@abc.com, this is g...@git.abc.com running gitolite3 v3.5.3.1-9-gfc5467c on git 1.7.9.5

 R W    vampire/[a-zA-Z0-9].*
 R W    devil/[a-zA-Z0-9].*
 R W    aaa/[a-zA-Z0-9].*
 R W    bbb/[a-zA-Z0-9].*
 
     C  personal/CREATOR/[a-zA-Z0-9].*
 R W    xxxxx/[A-Z0-9].*
 R W    puppet/[a-zA-Z0-9].*
 R W    tools/reg-tools
 R W    tools/basic-tools
 R W    tools/advance-tools
 R W    tools/metrics
 R W    tools/productivity-tools


(2) on the server


git@git-master:~$ gitolite query-rc COMMANDS
D
desc
help
info
perms
writable
git@git-master:~$ GL_USER=nobody gitolite info
hello nobody, this is git@git-mastger running gitolite3 v3.5.3.1-9-gfc5467c on git 1.7.9.5

(3)
patch failed,

git@git-master: git apply D.patch
D.patch:7: trailing whitespace.
export D=9
D.patch:8: trailing whitespace.
set -x
error: patch failed: src/commands/D:1
error: src/commands/D: patch does not apply

so I manually edited the src/commands/D file
and added the below two lines just after #!/bin/sh

export D=9
set -x

Then executed the below command at client machine,
(4)

~/gitclient $ ssh g...@git.abc.com D rm personal/manees...@abc.com/new.git
+ [ -z rm ]
+ [ rm = -h ]
+ [ rm != list-trash ]
+ [ -z personal/manees...@abc.com/new.git ]
+ cmd=rm
+ gitolite query-rc GL_REPO_BASE
+ RB=/home/git/repositories
+ cd /home/git/repositories
+ gitolite query-rc TRASH_CAN
+ TRASH_CAN=
+ tcan=Trash
+ TRASH_CAN=Trash
+ gitolite query-rc TRASH_SUFFIX
+ TRASH_SUFFIX=
+ date +%Y-%m-%d_%H:%M:%S
+ tsuf=2014-02-10_23:17:46
+ TRASH_SUFFIX=2014-02-10_23:17:46
+ [ rm = rm ]
+ gitolite query-rc -q D_DISABLE_RM
+ owner_or_die
+ gitolite creator personal/manees...@abc.com/new.git manees...@abc.com
2       (gitolite)                      attempting gitolite command /home/git/gitolite/src/commands/creator
1       _system                         system  /home/git/gitolite/src/commands/creator personal/manees...@abc.com/new.git   manees...@abc.com
1       _system                         system() failed /home/git/gitolite/src/commands/creator personal/manees...@abc.com/new.gitman...@abc.com     -> 256
FATAL: child exited with value 1

 at /home/git/gitolite/src/lib/Gitolite/Common.pm line 102
        Gitolite::Common::_die('child exited with value 1\x{a}') called at /home/git/gitolite/src/lib/Gitolite/Common.pm line 149
        Gitolite::Common::_system('/home/git/gitolite/src/commands/creator', 'personal/manees...@abc.com/new.git', 'manees...@abc.com') called at /home/git/gitolite/src/gitolite line 78
+ die You are not authorised
+ echo You are not authorised
You are not authorised
+ exit 1

(5) log extrat attached
(6) D file attached
(7) I have attached the gitolite installation steps we followed 

gitolite-installation-steps.txt
gitolitelog.txt

Sitaram Chamarty

unread,
Feb 11, 2014, 3:19:07 AM2/11/14
to Maneesh M P, gito...@googlegroups.com

Sitaram Chamarty

unread,
Feb 11, 2014, 3:23:30 AM2/11/14
to Maneesh M P, gito...@googlegroups.com
On 02/11/2014 01:49 PM, Sitaram Chamarty wrote:
> Gaah...
>
> see third bullet in http://gitolite.com/gitolite/user.html#accessing-gitolite
>

[list: sorry for so many emails for one silly problem]

In addition, your 'info' command output does not actually contain the
repo you were trying to delete, so it is clear that -- even if you
remove the ".git" at the end, it won't work.

That repo does not exist, or you have no rights over it of any kind, if
you don't see it in the info command output.

You could also run

gitolite creator <reponame>

on the server to see who, if anyone, is listed as the creator.
Message has been deleted

Maneesh M P

unread,
Feb 11, 2014, 4:02:29 AM2/11/14
to Sitaram Chamarty, gito...@googlegroups.com
When I am migrating repositories from another server, Once I clone the mirror

git clone --mirror g...@olderver.abc.com:myteam/special.git

then in the server, inside special.git, if i create a file
vi gl-creater
and place my user name, manees...@abc.com

Will I become owner of that repository ?
If then I can have them deleted over ssh git@host D command as well.

Thanks,
Maneesh


On Tue, Feb 11, 2014 at 12:29 AM, Maneesh M P <manees...@gmail.com> wrote:
Did you mean the below poin ?

1.3 digression: two kinds of repos

Gitolite has two kinds of repos. Normal repos are specified by their full names in the config file. "Wildcard" repos are specified by a regex in the config file. Try the info command and see if it shows any lines that look like regex patterns, (with a "C" permission).

If you see any, it means you are allowed to create brand new repos whose names fit that pattern. When you create such a repo, your "ownership" of it (as far as gitolite is concerned) is automatically recorded by gitolite.

==================
if then , sorry I guess that was my stupidity that I did not post the entire info command output :( since its too long

hello manees...@abc.com, this is g...@git.abc.com running gitolite3 v3.5.3.1-9-gfc5467c on git 1.7.9.5

 R W   insane/[a-zA-Z0-9].*
 R W   devil/[a-zA-Z0-9].*
 R W   eops/[a-zA-Z0-9].*
 R W   ingestion/[a-zA-Z0-9].*
 R W   human/[a-zA-Z0-9].*
 R W   labrador/[a-zA-Z0-9].*
 R W   times/[a-zA-Z0-9].*
     C personal/CREATOR/[a-zA-Z0-9].*
 R W   vampire/[a-zA-Z0-9].*
 R W   puppet/[a-zA-Z0-9].*
 R W   waytosave/[a-zA-Z0-9].*
 R W   sane/[a-zA-Z0-9].*
 R W   tools/[a-zA-Z0-9].*
 R W insane/insane-admin-ui
 R W insane/insane-mdb
 R W insane/build
 R W insane/catalog-ingestor
 R W insane/cpapi
 R W insane/pmapi
 R W insane/pmapi-api-com
 R W insane/pmui
 R W insane/upapi
 R W devil/acceptance
 R W devil/archive/copymaker
 R W devil/archive/debs
 R W devil/archive/devildashboard
 R W devil/archive/dst-acceptance
 R W devil/archive/monitor
 R W devil/archive/publisher
 R W devil/archive/scheduler
 R W devil/archive/subscription-manager
 R W devil/archive/ui-manager
 R W devil/build
 R W devil/common
 R W devil/config-templates
 R W devil/copysender
 R W devil/devil-lib
 R W devil/devilrider
 R W devil/logstash
 R W devil/manifest
 R W devil/master
 R W devil/printerauth
 R W devil/sdapi
 R W devil/simulators
 R W devil/stacks
 R W devil/submanager
 R W devil/wpa
 R W eops/eops
 R W eops/ops
 R W eops/stacks
 R W gitolite-admin
 R W ingestion/catalog
 R W ingestion/snoopy-assets
 R W ingestion/snoopy-pub-creation
 R W ingestion/rws_repo
 R W ingestion/test-catalog
 R W human/catalog-api-com
 R W human/hpcs-object-store-sdk
 R W human/kmcs
 R W human/kmcs-message
 R W human/human-api-com
 R W human/human-auth
 R W human/human-migration
 R W human/human-mq
 R W human/human-shared
 R W human/human-test-harness
 R W human/landing
 R W human/master
 R W human/mdb-persistence
 R W human/pem
 R W human/snoopy-preflight
 R W human/services
 R W human/test
 R W human/vault
 R W human/vault-service-adapter
 R W human/vrapi-test-lib
 R W human/vsa-ui
 R W labrador/jumpstation
 R W labrador/labrador
 R W labrador/samples
 R W times/common_app_env
 R W times/common_app_gems
 R W times/printables_gen2
 R W personal/manees...@abc.com/new
 R W vampire/archive/catalog-examples
 R W vampire/archive/dev-utils
 R W vampire/archive/message-examples
 R W vampire/archive/message-utils
 R W vampire/archive/vampire-lib
 R W vampire/archive/vampire-workflow
 R W vampire/archive/services
 R W vampire/archive/storage-utils
 R W vampire/vampire-build
 R W vampire/vampire-docs
 R W vampire/vampire-examples
 R W vampire/vampire-exp
 R W vampire/vampire-services
 R W vampire/vampire-simulator
 R W vampire/vampire-test-controller
 R W puppet/cloudtools
 R W puppet/hieradata
 R W puppet/pso-cloud-tools
 R W puppet/pso-ops-tools
 R W puppet/puppet-admin
 R W puppet/puppet-data
 R W puppet/puppet-forge
 R W puppet/puppet-hiera
 R W puppet/puppet-hp
 R W puppet/puppeteer
 R W waytosave/education
 R W waytosave/jenkins
 R W waytosave/metro_apps
 R W waytosave/print_plugin
 R W waytosave/savings_center
 R W waytosave/savings_center_gen3
 R W waytosave/savings_center_mobile
 R W waytosave/travel
 R W waytosave/sultan
 R W sane/archive/xjh-dsa
 R W sane/archive/xjh-offramp
 R W sane/build
 R W sane/d-mailbox
 R W sane/eprint-dsa
 R W sane/gcpdb-persistence-lib
 R W sane/google-dsa
 R W sane/mailbox-web-client
 R W sane/mb-scheduler
 R W sane/securesocial
 R W sane/sender-mock
 R W sane/sendermock
 R W sane/smdb-persistence-lib
 R W sane/sane-acceptance
 R W sane/sane-api-com
 R W sane/test-dsa
 R W tools/3xapi-test-client
 R W tools/jkl-test
 R W tools/jkl-test3.2
 R W tools/jkl-test3.2-backup
 R W tools/jkl-test3.2-mirror
 R W tools/metrics
 R W tools/productivity-tools
 R W tools/rabbitmq
 R W tools/snoopy-cd
 R W tools/snoopy-tools
 R W tools/test
 R W tools/testing-ui
 R W tools/xjh-test





On Tue, Feb 11, 2014 at 12:19 AM, Sitaram Chamarty <sita...@gmail.com> wrote:
Gaah...

see third bullet in http://gitolite.com/gitolite/user.html#accessing-gitolite



--
Regards,
Maneesh(മനീഷ് )

Sitaram Chamarty

unread,
Feb 11, 2014, 4:35:50 AM2/11/14
to Maneesh M P, gito...@googlegroups.com
On 02/11/2014 02:32 PM, Maneesh M P wrote:

[changed subject line; please do not reuse threads. When people google
search later -- as you yourself did for some issues -- it becomes less
useful to have one thread morphing into different topics]

> When I am migrating repositories from another server, Once I clone the mirror
>
> git clone --mirror g...@olderver.abc.com:myteam/special.git
>
> then in the server, inside special.git, if i create a file
> vi gl-creater
> and place my user name, manees...@abc.com <mailto:manees...@abc.com>
>
> Will I become owner of that repository ?

Almost yes. You become the "creator". See below.

> If then I can have them deleted over ssh git@host D command as well.

Yes.

----

Until about a year ago, Gitolite only knew the concept of a "creator",
and there was only one.

But then people started seeing the need for more than one "owner",
because wild repos may be *created* by one person, but they often needed
to be *administered* by one of several people.

So now, even though large parts of the documentation probably conflate
"creator" and "owner", you can see wild.html and rc.html to actually
understand how this larger group become the "owner".
Reply all
Reply to author
Forward
0 new messages