From: Sitaram Chamarty <sitaram@atc.tcs.com>
To: martin f krafft <madduck@madduck.net>
Cc: git discussion list <git@vger.kernel.org>,
Teemu Matilainen <teemu.matilainen@iki.fi>
Subject: Re: [gitolite] symlink hooks instead of copying them
Date: Thu, 4 Feb 2010 08:52:39 +0530 [thread overview]
Message-ID: <20100204032239.GA5429@atcmail.atc.tcs.com> (raw)
In-Reply-To: <20100204014657.GA10114@lapse.rw.madduck.net>
On Thu, Feb 04, 2010 at 02:46:57PM +1300, martin f krafft wrote:
> also sprach Sitaram Chamarty <sitaram@atc.tcs.com> [2010.02.04.1428 +1300]:
> > I'm ok with symlinking stuff; a couple of "cp" commands
> > would change to "ln" :) Let me try it out (and make sure it
> > works for upgrades also...)
>
> ln -sf even.
yup...
> also sprach Sitaram Chamarty <sitaram@atc.tcs.com> [2010.02.04.1435 +1300]:
> > I forgot... part of the reason this "copy all hooks over each time
> > you run install" is also to give people an easy way to update the
> > hooks when the repo was *copied* from elsewhere, and not *created*
> > by gitolite in the first place.
> >
> > Basically I'm paranoid about that "update" hook, without which the
> > branch level access control doesn't work at all.
>
> Wouldn't it thus make sense to check during authentication that the
> symlink exists and points to the right file, and to deny access
> completely if that isn't the case?
Yeah I guess that's easy enough really... just need to
include a way to tell the code what is the right file to
point to. (Currently it's all inside $GL_ADMINDIR but in
the APT case that may not be true...?)
> Having a mass-update command for this might be nice, but I suppose
> it's also a trivial shell one-liner...
>
> for i (**/*.git/hooks/update) \
> ln -sf ~git/.gitolite/src/hooks/update $i
>
> (this is zsh, not sure bash can do this yet)
This has to work on systems that don't even have bash (like
plain old sh personality of ksh), leave alone zsh :)
Not saying it's hard; just a "find" in backticks. I'd still
rather put it inside the perl code somewhere that already
gets run anyway, as it is now...
next prev parent reply other threads:[~2010-02-04 3:23 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-03 20:47 [gitolite] symlink hooks instead of copying them martin f krafft
2010-02-04 1:28 ` Sitaram Chamarty
2010-02-04 1:46 ` martin f krafft
2010-02-04 3:22 ` Sitaram Chamarty [this message]
2010-02-04 4:13 ` martin f krafft
2010-02-04 6:17 ` Bill Lear
2010-02-04 6:34 ` martin f krafft
2010-02-04 1:35 ` Sitaram Chamarty
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100204032239.GA5429@atcmail.atc.tcs.com \
--to=sitaram@atc.tcs.com \
--cc=git@vger.kernel.org \
--cc=madduck@madduck.net \
--cc=teemu.matilainen@iki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).